Possible to block incoming IP address?
The short version: Is it possible to block inbound traffic based on an external IP address?
The long version: I recently started running a local mail server at home (on a Synology NAS). Aside from VPN, the SMTP ports are the only ones I have open on my network and I'm somewhat paranoid about opening ports. I've locked down the SMTP server as best I can (mostly using RBL list checks) and I'm monitoring the logs like a hawk. While I do regularly see random clients trying to connect, they attempt to connect, they're denied access, and then they usually never come back. I've got one case of a client that's trying to connect repeatedly, slowly (spaced out every half hour or so), but continually.
I'd really like to just permanently block this client by IP address so they cannot even connect to the port at all. I don't see a way in the eero app to do anything like that so I'm guessing it's not possible, but thought I'd check here.
Hi, pmarcos – Thanks for taking the time to reach out, and welcome to the eero Community!
So, short answer, unfortunately it's not possible at this time to block a specific incoming IP address. While the built-in eero firewall will of course automatically block any unsolicited inbound traffic, we don't offer much in the way of customization at this time. With that said, I'm more than happy to pass along your interest in some more robust firewall options to the team.
Past that, please feel free to share any other thoughts and feedback you have, and pop into any threads that catch your attention. We're glad to have you here, and we look forward to seeing you around the Community!
Drew, eero Community Team
Great, thanks Drew for the confirming that I'm not missing something. On this topic, since I'm now running my own server that I need to open up to the outside world I'd love to see some more advanced controls at the eero level. I want to stop unwanted traffic from getting any further than that. Ideally I'd be able to do this on my Comcast cable modem, but my current setup doesn't allow that so my eero is the next stop along the path into my network, and the first one that I have direct control over.