Firewall - Exceptions

Hi there,
I have used the instructions found at this link: http://gregsowell.com/?p=894 in order to block part of the p2p traffic.
So far it's working OK. I can't bring up any search for torrent files/sites, and I'm pretty happy with it.

Now I was wondering how to add exceptions to these rules. What I mean is: I have 3 users who are currently bound to bypass the hotspot and who are using static IPs locked to MAC addresses. I want these 3 users/IP/MAC to be able to bypass the above rules I created. Is there an easy way to do this? Or should I just assign, let's say,
192.168.88.251/252/253 to them and run the firewall block between 192.168.88.0-250, leaving the last 4 addresses reserved?

Thanks for that.

A

Instead of defining a “block” of addresses, which is less flexible, create an address list called “p2p-bypass” and enter the preferred users' addresses into this list.

Now you can apply this as the “source address list” on a rule that skips your firewall block, or invert it (NOT) so that anyone not in this list will be directed to the firewall block.
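
The address-list approach from the reply above, written out as an added example that is not part of the original thread. It assumes MikroTik RouterOS syntax and that the existing block rules sit in the `forward` chain; the chain name `p2p-block` and the comments are hypothetical, and the three addresses are the ones proposed in the question.

```routeros
# Added example, not from the original posts. RouterOS syntax assumed.

# 1. Put the three static hosts into the list named in the reply.
/ip firewall address-list
add list=p2p-bypass address=192.168.88.251 comment="static user 1"
add list=p2p-bypass address=192.168.88.252 comment="static user 2"
add list=p2p-bypass address=192.168.88.253 comment="static user 3"

# 2a. Inverted match (NOT): every source that is NOT in p2p-bypass is sent
#     to the block rules. "p2p-block" is a hypothetical custom chain; move
#     the existing drop rules into it. Listed hosts skip only the P2P block
#     and are still checked by every other forward rule.
/ip firewall filter
add chain=forward src-address-list=!p2p-bypass action=jump \
    jump-target=p2p-block comment="P2P block for all except p2p-bypass"

# 2b. Alternative: a skip rule. Use this instead of 2a, not together with it.
#     It must be moved above the existing block rules, and because "accept"
#     ends processing of the forward chain, listed hosts also skip every
#     forward rule that comes after it.
# add chain=forward src-address-list=p2p-bypass action=accept \
#     comment="p2p-bypass hosts skip the block rules"
```

If the block rules also cover other chains (for example DNS requests to the router itself), the same address-list match has to be applied there as well, otherwise the listed hosts are only partly exempt.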