|
||||||||
Mathias Burén wrote: > Hi, I'm tempted by this m0n0wall software. I have a few questions > though: > > Can m0n0wall block an IP completely? I mean, block someone from the > LAN from accessing the internet. > Can m0n0wall limit upload and/or download traffic per-ip-adress or per > mac-adress? Per ip/port even? Sure, you can block an IP completely. First, create an Alias for trouble maker IP... (see long tread recently about confusion on what an Alias is first...) Next, create a firewall rule on the LAN (I assume LAN) that looks like this: Action: Block Interface: LAN Protocol: any Source Type: Single host or alias Address: <Insert Alias name> Source port range from: any to: any Destination Type: any Destination port range from: any to: any Log: Log packets that are handled by this rule (if you want to ...) Description: Block trouble maker... This rule needs to be before the default Pass LAN to any rule. As far as the limiting traffic, this is the function of the Traffic Shaper - I don’t have any positive experience with it. I do know that per MAC is not supported. Good Luck. _________________________________ James W. McKeand |