Hello Guys, long time no see
I have a small problem with some customers and i whant somehow to solv it.
Some customers buy VPS from us and use it to make Flood/DDos from ower network/servers to external.
I have from providers blackhole rule but the blackhole rule its to block all incoming trafic to the ip but traffic out still works.
So, the VPS have ip 89.34x.xxx.50 i null it (blackhole) but the traffic out still works, is there a way to complet block any trafic IN/OUT for this ip as example ?
THank you.
For out blocking
set firewall group address-group BLOCK address '192.0.2.1'
set firewall name OUT default-action 'accept'
set firewall name OUT rule 10 action 'drop'
set firewall name OUT rule 10 source group address-group 'BLOCK'
set interfaces ethernet eth1 firewall out name 'OUT'
2 Likes
set firewall group address-group ‘BLOCK’ < this was missing and not worked widouth
set firewall name OUT default-action ‘accept’
set firewall name OUT rule 11 action ‘drop’
set firewall name OUT rule 11 source group address-group ‘BLOCK’
set interfaces ethernet eth1 firewall out name ‘OUT’
and to block an ip
set firewall group address-group BLOCK address ‘192.0.2.1’