[ previous ] [ next ] [ threads ]
 
 From:  Max Khitrov <mkhitrov at umd dot edu>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Blocking an IP range - how to?
 Date:  Wed, 24 Nov 2004 20:38:31 -0500
I did some searching on this subject and by the looks of it (unless I 
missed something) this isn't possible. If that's the case, then maybe 
something to consider for future versions?

I just set up my m0n0wall on my network and so far it seems to be 
working fine. However, the way my network is structured is that we have 
2 gateways, both of which are connected to the same network and serve 
computers on the same subnet. Needed this for 2 public IPs :) Each 
computer is assigned to a specific gateway, all it comes down to is 
either they use 192.168.1.1 or 192.168.1.2, no real difference.

Now the other router, lets say 192.168.1.2 which is my m0n0wall, would 
be configured in such a way so that if a computer assigned to 
192.168.1.1 tries to connect through this one it would be denied access. 
On my old d-link box this was pretty easy to do with filters, I would 
just say that computers 192.168.1. [10]-[20] are blocked. With m0n0wall 
on the other hand, I'm looking but all I can see is a way to block a 
single IP. Do I really have to specify every IP separately, or is there 
a way to block a range?