Setup Firewall Traffic Rule to reject all communication to ports

DrAxelbauer · January 8, 2024, 1:23pm

Hi there!
I am a little out of ideas as to the following usecase:
I want to reject all traffic from any Machine (IP) within the lan to a specific port on a specific machine (IP).
In short: Reject all traffic in the subnet 192.169.10.xx ("lan" interface) to 192.168.10.130 ports 137 138 139 445 (Samba ports of the samba service)
Here is the setup:

But I can still connect to my samba shares without any problem. What am I missing here? Shouldn´t this reject the communication between any client and 192.168.10.130 ?

thanks!

frollic · January 8, 2024, 1:31pm

traffic within the same subnet doesn't pass the firewall.

DrAxelbauer · January 8, 2024, 1:38pm

Thanks! Good to know! – I thought that every package is being inspected by the firewall – So at least I need two subnets to reject/access between those two.

frollic · January 8, 2024, 1:39pm

... or a fw on the samba host .

system · January 18, 2024, 1:40pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.