Block Traffic IN and OUT for a internal IP

General questions
#1

Hello Guys, long time no see

I have a small problem with some customers and i whant somehow to solv it.

Some customers buy VPS from us and use it to make Flood/DDos from ower network/servers to external.

I have from providers blackhole rule but the blackhole rule its to block all incoming trafic to the ip but traffic out still works.

So, the VPS have ip 89.34x.xxx.50 i null it (blackhole) but the traffic out still works, is there a way to complet block any trafic IN/OUT for this ip as example ?

THank you.

#2

For out blocking

set firewall group address-group BLOCK address '192.0.2.1'
set firewall name OUT default-action 'accept'
set firewall name OUT rule 10 action 'drop'
set firewall name OUT rule 10 source group address-group 'BLOCK'
set interfaces ethernet eth1 firewall out name 'OUT'
2 Likes