Hi,

I'm a Firestarter user who is filtering numerous machines to whitelist all but a few sites. However, I want to allow a single computer (firewalled via software) absolutely unrestricted access to the internet.

Is there a way to specify allow any port to any destination from a single source IP? (I've edited out the source IP as Foo.bar.not.valid)
Like
I'm hoping someone can fill in the question marks for me!

Thanks for any and all help.

I believe what you are trying to do with the above rules would be accomplished by

or if you would rather allow all protocols (not just udp and tcp), you could use the single line:

In either case, the FORWARD chain will accept packets coming from Foo.bar.not.valid regardless of destination address or port. The "/32" after the address is permissible but not mandatory, so I removed it for clarity. I also dropped the unnecessary (in this case) destination address for the same reason.

For the above rules to have any effect, you either need a DROP or REJECT policy on the FORWARD chain or you need a subsequent rule that DROPs or REJECTs packets. I still am unsure whether this accomplishes your overall goal (that would depend on other details you have not provided) but the rules will ACCEPT the packets I outlined above.

Hey Blackhole,

Thanks for the reply. I have the whitelist all setup already, just looking to get the single IP unfiltered. I'll definitely give that a shot.

Thanks! I really appreciate your help. If I have any issues, you'll probably see me lurking around here again