Plz Explain "And" / "Or" Firewall Rule

firewall
#1

Can someone plz tell me when to use “And” and when to use “Or” when creating firewall rules.

For example, if i create a rule saying if country does not equal USA “And” UK then challenge this works correctly.

But if i say USA “Or” UK, then i get challenged from UK which i shouldn’t.

So i’m very confused when “And” / “Or” should be used!

#2

If you are using more than one country code for the same condition, you’d better use “is not in” instead of “does not equal”. So resulting expression would be:

(not ip.geoip.country in {"US" "GB"})

which would apply the chosen action to anyone coming from any country except United States and United Kingdom.

1 Like
closed #3

This topic was automatically closed after 30 days. New replies are no longer allowed.