Last edited:
2 years ago, when 2600ac was new, and I was playing around with Firewall... I mis-interpreted Threat Prevention -- Statistics (World View) Events as countries to block in Firewall.. I now understand the two are Apples & Oranges. I mention this just to explain how some of the Firewall rules came about.... My Question is not about TP, but Firewall Rules...
This left me (with the 15 region limit per rule) with a few rules denying some but not all countries scattered all over the world, with no rhyme nor reason as to what countries were in which rule....
At the bottom of firewall rules, I have a rule written to deny all -- if it doesn't match the above rules.... And I've noticed the DENY ALL Rule still gets "Hits".... (this was in addition to the 4 fixed rules at bottom effectively doing the same thing as my DENY ALL Rule, but not showing any "Hits".... I created the DENY ALL Rule because I wanted to see "Hits"... From this I assumed that there was something from a region I had not selected that was trying to get through, and DENY ALL Blocked it!
Because I continually get "Hits" from DENY ALL Rule, after thinking about it for a while..... I created new rules today, based upon ALL listing of region's List... Block Incoming from Everywhere in the Region List (Limited to 15 per rule).... and deleted my older rules.... and moved the 18 new rules above my DENY ALL Rule (Support had told me maximum number of user rules in Router Firewall was 128 Rules).. OK.. I'm effectively blocking all un-requested inputs from Everywhere.... I left the DENY ALL rule I created, active at the bottom.
It's interesting to note that that last rule... That blocks EVERYTHING prior rules miss.... after I block Literally Everything I can from the region list.... Still get's "Hits"
I don't have any other software to examine things.... but I'm nosy.... If I block ALL REGIONS, Why does DENY ALL at bottom still get hits?
Thanks for any comments....
Here's a picture of bottom of firewall List showing what I was describing....
This left me (with the 15 region limit per rule) with a few rules denying some but not all countries scattered all over the world, with no rhyme nor reason as to what countries were in which rule....
At the bottom of firewall rules, I have a rule written to deny all -- if it doesn't match the above rules.... And I've noticed the DENY ALL Rule still gets "Hits".... (this was in addition to the 4 fixed rules at bottom effectively doing the same thing as my DENY ALL Rule, but not showing any "Hits".... I created the DENY ALL Rule because I wanted to see "Hits"... From this I assumed that there was something from a region I had not selected that was trying to get through, and DENY ALL Blocked it!
Because I continually get "Hits" from DENY ALL Rule, after thinking about it for a while..... I created new rules today, based upon ALL listing of region's List... Block Incoming from Everywhere in the Region List (Limited to 15 per rule).... and deleted my older rules.... and moved the 18 new rules above my DENY ALL Rule (Support had told me maximum number of user rules in Router Firewall was 128 Rules).. OK.. I'm effectively blocking all un-requested inputs from Everywhere.... I left the DENY ALL rule I created, active at the bottom.
It's interesting to note that that last rule... That blocks EVERYTHING prior rules miss.... after I block Literally Everything I can from the region list.... Still get's "Hits"
I don't have any other software to examine things.... but I'm nosy.... If I block ALL REGIONS, Why does DENY ALL at bottom still get hits?
Thanks for any comments....
-- post merged: --
Here's a picture of bottom of firewall List showing what I was describing....