Gateway Network Policy Not working

I have enforced an IP to be blocked as part of Gateway Network policy. However , the IP is not being blocked.

DNS related policies are working fine however.

The Gateway network policy is given below :-

Output for ping is given below :-

ramachandransesh@system:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=60 time=27.4 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=60 time=27.8 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=60 time=27.7 ms

Output for curl given below (The site is being reached however):-

ramachandransesh@system:~$ curl https://8.8.8.8
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="https://dns.google/">here</A>.
</BODY></HTML>

I have enabled warp in my linux machine and the current setting looks like this :-

ramachandransesh@system:~$ warp-cli settings
Merged configuration:
Always On: false
Switch Locked: false
Mode: Warp
Cloudflare for Families: None
Disabled for Wifi: false
Disabled for Ethernet: false
Gateway Id: <redacted>
Enable DNS logging: false
Onboarding: true
Exclude mode, with hosts/ips:
  10.0.0.0/8
  100.64.0.0/10
  169.254.0.0/16
  172.16.0.0/12
  192.0.0.0/24
  192.168.0.0/16
  224.0.0.0/24
  240.0.0.0/4
  255.255.255.255/32
  fe80::/10
  fd00::/8
  ff01::/16
  ff02::/16
  ff03::/16
  ff04::/16
  ff05::/16

Fallback domains:
  intranet
  internal
  private
  localdomain
  domain
  lan
  home
  host
  corp
  local
  localhost
  home.arpa
  invalid
  test
Daemon Teams Auth: false
Disable Auto Fallback: false
Captive Portal: 180
Support URL: 
Organization: <redacted>
Allow Mode Switch: false
Allow Updates: false
Allows to Leave Org: true

The output for curl to trace url is below :-

ramachandransesh@system:~$ curl https://www.cloudflare.com/cdn-cgi/trace
fl=<redacted>
h=www.cloudflare.com
ip=<redacted>
ts=1649390708.389
visit_scheme=https
uag=curl/7.68.0
colo=BOM
http=http/2
loc=IN
tls=TLSv1.3
sni=plaintext
warp=plus
gateway=off

The output from browser is given below :-

I have also enabled Network Firewall settings. Screenshot below.

However, I am unable to determine where I am going wrong. The trace url output shows gateway=off.

I am using $0 plan as of now.

What the logs say?
Check all DNS, Network and HTTP. There must be indication why such traffic is allowed.

Same Issue Here

For anyone reading this, if you have set your WARP to “Include IPs and domains” instead of exclude, make sure that you add your domain in there aswell.

That’s where I wasted all my time.