First you want to create the rules that allow the few subnets access,
then you create another rule that blocks everyone's access. As long as the
block rule comes after all the accept rules, it should work exactly as
you want it to. The block rule is a "block all" rule. Since the allow
rules come before it, they will match first and you won't have to worry
about the block all rule overriding anything.
That's about the idea of it, unless you mean in more technical detail.
Joe Lagreca wrote:
> I have a rule that allows https traffic to an internal IP. However, I want
> to limit https to a few subnets. Can I do this all in the same rule, by
> somehow listing multiple networks to allow or do I have to create multiple
> rules to allow each network?
>
>
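
The rule ordering described in the reply above, as an added example that is not part of the original thread: a small first-match evaluator in Python that compares the correct order with the reversed one. The subnets, the internal address 10.0.0.10 and the names `Rule`, `evaluate`, `build` and `shadowed` are constructed for illustration; first-match evaluation with a default block is assumed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str          # "pass" or "block"
    source: str          # CIDR; "0.0.0.0/0" means any source
    dest: str            # CIDR of the destination host or network
    port: Optional[int]  # None means any port

def net(cidr):
    return ipaddress.ip_network(cidr)

def evaluate(rules, src, dst, port):
    """Return the action of the first matching rule (assumed default: block)."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if (src_ip in net(rule.source) and dst_ip in net(rule.dest)
                and rule.port in (None, port)):
            return rule.action
    return "block"

def shadowed(rules):
    """Rules that can never match because an earlier rule fully covers them."""
    dead = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if (net(later.source).subnet_of(net(earlier.source))
                    and net(later.dest).subnet_of(net(earlier.dest))
                    and earlier.port in (None, later.port)):
                dead.append(later)
                break
    return dead

WEB = "10.0.0.10/32"                           # constructed internal HTTPS host
ALLOWED = ["192.0.2.0/24", "198.51.100.0/24"]  # constructed permitted subnets

def build(block_first=False):
    """One pass rule per subnet plus a block-all rule, in either order."""
    allows = [Rule("pass", cidr, WEB, 443) for cidr in ALLOWED]
    block_all = [Rule("block", "0.0.0.0/0", WEB, 443)]
    return block_all + allows if block_first else allows + block_all

if __name__ == "__main__":
    for label, rules in (("allow first", build()), ("block first", build(True))):
        print(label, evaluate(rules, "192.0.2.25", "10.0.0.10", 443),
              "shadowed:", len(shadowed(rules)))
```

With the block rule first, both pass rules are reported as shadowed, which is a quick check that the ordering has gone wrong.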