
RV340 Firewall Access Rules Behavior

Hello,

 

Regarding RV340 router configuration - Firewall - Access Rules, I have questions hopefully someone can answer.

The terrible, inadequate manual does not ever explain functional behavior of the router, it just repeats what is in the UI.

 

In the example screenshot below, I have set a rule that is expected to block a range of IP addresses in China.

Will the rule, as in this example, function properly to block any access to/from the IP range?

Does the Source, Destination behave as an AND function so that both conditions must be met?

Does the Source, Destination behave as an OR function so that either of the conditions may be met?

 

Testing is inconclusive so I have turned to this forum as a resource that hopefully knows about this.

 

Thanks,

mdd

RV340 Firewall Access Rules Behavior.png


Hello,

 

the screenshot is missing...

 

Either way, the firewall rules should work as source AND destination, similar to access lists. 

 

What do you mean when you say testing is inconclusive?

Hi,

 

Thanks for your reply. I have fixed the screenshot and it should be visible now in the original message.

By inconclusive, I mean some of the websites associated with the IP range intended to be blocked are still logged in OpenDNS stats.

To be clear, from your message, it seems to accomplish a complete block of an IP range as intended, I must create two Access Rules.

I must create one rule for the source interface and a separate rule for the destination interface, is this correct?

 

Thanks again,

mdd

 

Follow up testing on Firewall Access Rules.

Access rules do not function as expected by blocking websites on specific IP ranges.

I have now tested blocking the same range (221.4.0.0 - 221.5.127.254) on both source and destination in the same rule as in the first message.

I have now applied and tested separate access rules blocking the IP range 221.4.0.0 - 221.5.127.254

I then access a webpage www.bendss.com  which is at 221.4.168.69.

It should be blocked by the router firewall access rules and it is not.

I have been careful to clear all browser caches and flushed local DNS cache as well.

Why do firewall access rules not function at all? What is the problem????

Please see the attached screenshots:

 

RV340 Firewall Access Rules Behavior - SourceBlock.png

RV340 Firewall Access Rules Behavior - DesinationBlock.png

Hello,

 

the odd thing is, when I ping that address, I get a response from a very different IP:

 

C:\Users\pauwe>ping www.bendss.com

Pinging s14.zhanh.com [129.226.99.198] with 32 bytes of data:
Reply from 129.226.99.198: bytes=32 time=330ms TTL=50
Reply from 129.226.99.198: bytes=32 time=331ms TTL=50
Reply from 129.226.99.198: bytes=32 time=331ms TTL=50
Reply from 129.226.99.198: bytes=32 time=330ms TTL=50

 

Either way, since you have logging turned on, is any traffic corresponding to the firewall rule logged at all?

That is odd. Ping does return that address in the 129 range, not the 221 range.

My sources were

https://www.pagesinventory.com/ip-subnet/ 

and

https://www.pagesinventory.com/ip/221.4.168.69.html

https://www.pagesinventory.com/domain/www.bendss.com.html

and interestingly DNSlytics also shows that bendss.com is at 221.4.168.69

https://dnslytics.com/ip/129.226.99.198

 

Clearly the bendss.com website is redirected to - s14.zhanh.com [129.226.99.198]

 

I will test further and check router logs as well as OpenDNS logs. Would however prefer that the DNS requests are never forwarded from the router at all.

 

Thanks again,

mdd

 

Hello,

 

I think content filtering might work better, as that allows you to block a URL rather than an IP address (range). Check the link below:

 

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5379-configure-content-filtering-on-the-rv34x-series-router.html

Hi,

 

Actually, no, the need is to block a range of country IP addresses, so that suggestion is untenable.

Thanks tho.

 

mdd

Hello,

 

so, can you block the 129 address then?
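
The source AND destination matching described in the first reply, modelled as an added example (not part of the thread and not the RV340's own logic). It assumes first-match-wins evaluation, a default of allow, and a constructed LAN client at 192.168.1.10; the range and the two remote addresses are the ones quoted in the thread.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address, summarize_address_range

def ip_range(first, last):
    """CIDR networks that exactly cover the inclusive range first..last."""
    return list(summarize_address_range(IPv4Address(first), IPv4Address(last)))

def in_nets(ip, nets):
    return any(IPv4Address(ip) in net for net in nets)

ANY = ip_range("0.0.0.0", "255.255.255.255")
BLOCKED = ip_range("221.4.0.0", "221.5.127.254")  # range quoted in the thread
LAN_HOST = "192.168.1.10"                          # constructed LAN client

@dataclass
class Rule:
    name: str
    src: list
    dst: list
    action: str = "deny"

    def matches(self, src_ip, dst_ip):
        # AND semantics: both the source and the destination field must match.
        return in_nets(src_ip, self.src) and in_nets(dst_ip, self.dst)

def evaluate(rules, src_ip, dst_ip, default="allow"):
    """Assumed model: first matching rule wins, otherwise the default applies."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip):
            return rule.action, rule.name
    return default, None

# One rule with the range in both fields, versus one rule per direction.
COMBINED = [Rule("range-in-both-fields", BLOCKED, BLOCKED)]
SPLIT = [Rule("to-range", ANY, BLOCKED), Rule("from-range", BLOCKED, ANY)]

# Constructed packets: (source, destination), using addresses from the thread.
PACKETS = [
    (LAN_HOST, "221.4.168.69"),     # address listed by the lookup sites
    ("221.4.168.69", LAN_HOST),     # traffic from the range towards the LAN
    (LAN_HOST, "129.226.99.198"),   # address the ping actually resolved to
]

def compare():
    """Verdict of each rule set for each constructed packet."""
    return [(s, d, evaluate(COMBINED, s, d)[0], evaluate(SPLIT, s, d)[0])
            for s, d in PACKETS]

if __name__ == "__main__":
    for row in compare():
        print("%-15s -> %-15s combined=%-5s split=%s" % row)
```

Under this model the rule with the range in both fields never matches traffic to or from the LAN client, and neither rule set touches 129.226.99.198, which lies outside the blocked range.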
