Thank you for your reply.
I tried to block all traffic. Everything is blocked, except Freenet and
TOR.
I wanted to allow only the IP ranges of some countries. And allow connection
to seednodes. This is an intermediate solution between darknet and opennet.
This is not a mistake of rules, but I will continue to search, and test
different firewalls.
On Tue, Dec 16, 2008 at 10:29 AM, Luke771 <luke771 at gmail.com> wrote:
> On Mon, 15 Dec 2008 00:45:49 +0100
> "3BUIb3S50i 3BUIb3S50i" <3buib3s50i at gmail.com> wrote:
>
> > Hi,
> >
> > I use the OpenNet mode and I want to use a firewall to block certain IP
> > addresses. All traffic is blocked, except for TOR and Freenet which
> aren't
> > blocked by the firewall. Even with a "deny all"! Why? You have an idea?
> >
>
> Because you allowed Freenet and Tor to accept conections from the internet?
>
>
> If you ran darknet, you could make a firewall rule and allow connections
> only to your manually added Darknet peers ('Friends'), but as long as you
> run Opennet, your node need to be able to communicate to any IP.
>
> You could either use a 'negative' firewall rule like "allow connections on
> port <opennet port> to everyone excpet <list>", or software like
> PeerGuardian that blocks a list of "bad" IP's: you could use that software
> and replace their "bad IP's" list with your own list of IP's you need to
> block.
>
> Note that the PeerGuardian approach of blocking IP's based on who owns them
> (NSA, etc) is essentially pointless because if the 'bad guys' are going to
> spy on you, they won't do that from secretservices.gov ; they would use
> apartments and connections on private citizens' names.
>
> Anyways, yours is basically a firewall question. Check out your firewall's
> manual, read some forums, use Google, etc., and learn how to make a firewall
> rule to deny access to specific IP's/ranges
> _______________________________________________
> Support mailing list
> Support at freenetproject.org
> http://news.gmane.org/gmane.network.freenet.support
> Unsubscribe at
> http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
> Or mailto:support-request at freenetproject.org?subject=unsubscribe
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://emu.freenetproject.org/pipermail/support/attachments/20081216/7162a6cd/attachment.html>
