Thank you for your reply.

 I tried to block all traffic. Everything is blocked, except Freenet and

I wanted to allow only the IP ranges of some countries. And allow connection
to seednodes. This is an intermediate solution between darknet and opennet.

This is not a mistake of rules, but I will continue to search, and test
different firewalls.

On Tue, Dec 16, 2008 at 10:29 AM, Luke771 <luke771 at> wrote:

> On Mon, 15 Dec 2008 00:45:49 +0100
> "3BUIb3S50i 3BUIb3S50i" <3buib3s50i at> wrote:
> > Hi,
> >
> > I use the OpenNet mode and I want to use a firewall to block certain IP
> > addresses. All traffic is blocked, except for TOR and Freenet which
> aren't
> > blocked by the firewall. Even with a "deny all"! Why? You have an idea?
> >
> Because you allowed Freenet and Tor to accept conections from the internet?
> If you ran darknet, you could make a firewall rule and allow connections
> only to your manually added Darknet peers ('Friends'), but as long as you
> run Opennet, your node need to be able to communicate to any IP.
> You could either use a 'negative' firewall rule like "allow connections on
> port <opennet port> to everyone  excpet <list>", or software like
> PeerGuardian that blocks a list of "bad" IP's: you could use that software
> and replace their "bad IP's" list with your own list of IP's you need to
> block.
> Note that the PeerGuardian approach of blocking IP's based on who owns them
> (NSA, etc) is essentially pointless because if the 'bad guys' are going to
> spy on you, they won't do that from ; they would use
> apartments and connections on private citizens' names.
> Anyways, yours is basically a firewall question. Check out your firewall's
> manual, read some forums, use Google, etc., and learn how to make a firewall
> rule to deny access to specific IP's/ranges
> _______________________________________________
> Support mailing list
> Support at
> Unsubscribe at
> Or mailto:support-request at
-------------- next part --------------
An HTML attachment was scrubbed...

Reply via email to