Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Support for Explicit Deny Policies & Stateful Firewall #3407

Open
kareemschultz opened this issue Feb 28, 2025 · 0 comments
Open

Add Support for Explicit Deny Policies & Stateful Firewall #3407

kareemschultz opened this issue Feb 28, 2025 · 0 comments
Labels
feature-request

Comments

@kareemschultz
Copy link

Hey NetBird Team,

I appreciate the work you're doing to simplify secure networking. While setting up access control, I realized that NetBird currently supports only allow policies but lacks a way to explicitly deny traffic.

Right now, if I need to block a specific IP (e.g., 10.4.0.36) while allowing 10.4.0.0/24, I have to create complex allow lists that manually exclude that IP. This is inefficient and difficult to manage at scale.

Feature Request:
Support Explicit Deny Policies

Ability to create policies that block traffic to/from specific IPs, subnets, or groups.
Would simplify security management instead of relying solely on allow rules.
Stateful Firewall Capabilities (I heard this is planned 👀)

Ability to filter and control inbound/outbound traffic dynamically.
Example: Restrict access based on connection state (e.g., allow established connections but block new ones).
This would make NetBird much more powerful for fine-grained security controls.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kareemschultz