Question : help needed for addressing network IP Filter and subnets

I need help configuring a firewall... right now everything works but not as efficiently as I would like it to.
I would like to set my firewall to block all incoming IP addresses from my domain except my IP and proxy server.
I have tried this over and over and my addressing only succeeds in blocking myself. The firewall I am referring to comes with 602Pro Lan Suite, which is a combination firewall, fax & mail server, web server etc.
You can use the IP filter to restrict which computers both inside and outside the network can access it using
source IP - source mask - destination IP - destination mask
as seen here:
http://www.software602.com/products/ls/tour4.html
In theory I think I can block all access from

Let's say my IP is

168.68.68.68
I would like to block all IPs from 168.68.XX.XX
and then allow 168.68.68.68 OR the subnet 168.68.68.X (255.255.255.0?)

The IP filter reads from top to bottom and the "blocks", i.e. "reds", are always listed first.

In theory I think I should be able to do this with subnet masks and first blocking and then allowing, but it has not worked at all... I ended up causing so many problems I just wiped the filter clean to restart.

I have not had a problem with the "site access" filter... where I can block access to websites using an IP address and/or URL and/or wildcards... very easy.

WHY DO I WANT TO DO THIS
I am constantly being subjected to attacks by Nimda and other viruses and also port scans. 95% of the time these attacks originate from machines hosted by my ISP (a well-known cable ISP) - I have alerted them to this, called, emailed and sent log scripts..... problem has only become worse.

The scans are a real strain on the machine and slow everything down. The requests are refused but I don't like being subject to so many hack attempts. Running Zone Alarm in "internet lock" helps except Zone Alarm has many quirks and also interferes with a lot of software... it also seems to cause the machine to BSOD quite regularly.... I would prefer not to have it running all the time... additionally when it's on my web page can't be accessed and a lot of the server's functionalities can't be accessed... I am also very suspicious of the TrueVector and would like to avoid having it running as often as possible.

Also, for personal knowledge, I would like to know how to use the firewall properly.

OS & SOFTWARE
Windows 98 SE
Zone Alarm 2.6362
602Pro Lan Suite

SETUP
P120 host machine with static IP & broadband connection
This machine handles the server and firewall.
No clients on network yet until this is figured out.. will just be at most 3 client machines.

Answer : help needed for addressing network IP Filter and subnets

If it's only got 1 NIC, then it isn't really a firewall.  So if you go to one of your clients and set your browser to "direct internet connect" so as not to proxy through either your proxy or your ISP's proxy, are you able to browse the web?

The problem with the network settings is that with a netmask of 255.255.224.0, as you've noticed from using a calculator, there are two networks:
24.59.64.0 - 24.59.95.255
and
24.59.96.0 - 24.59.127.255
But your IP (24.59.68.68) is not on the same network as its default gateway (24.59.96.1).  One of those isn't right, but I can't tell you which... that's up to your ISP.
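
The subnet arithmetic from the answer and the rule ordering from the question, as an added Python example (not part of the original thread and not 602Pro Lan Suite code). The function names and the first-match evaluation model are assumptions for illustration; the page does not document how the product actually resolves overlapping rules.

```python
import ipaddress

def network_range(ip, mask):
    """Return (first, last) address of the network containing ip under mask."""
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    return str(net.network_address), str(net.broadcast_address)

def same_network(ip_a, ip_b, mask):
    """True when both addresses fall in the same network under mask."""
    return network_range(ip_a, mask) == network_range(ip_b, mask)

def evaluate(rules, src, default="allow"):
    """Assumed first-match model: rules are read top to bottom, first hit wins."""
    addr = ipaddress.ip_address(src)
    for action, ip, mask in rules:
        if addr in ipaddress.ip_network(f"{ip}/{mask}", strict=False):
            return action
    return default  # no rule matched

# Addresses quoted in the answer.
HOST, GATEWAY, MASK = "24.59.68.68", "24.59.96.1", "255.255.224.0"

# Rules from the question as (action, source IP, source mask), block listed first.
BLOCK_FIRST = [
    ("block", "168.68.0.0", "255.255.0.0"),
    ("allow", "168.68.68.0", "255.255.255.0"),
]
# Same rules with the narrower allow placed above the broader block.
ALLOW_FIRST = list(reversed(BLOCK_FIRST))

if __name__ == "__main__":
    print("host network:   ", network_range(HOST, MASK))
    print("gateway network:", network_range(GATEWAY, MASK))
    print("same network:   ", same_network(HOST, GATEWAY, MASK))
    for name, rules in (("block first", BLOCK_FIRST), ("allow first", ALLOW_FIRST)):
        for src in ("168.68.68.68", "168.68.1.1"):
            print(f"{name}: {src} -> {evaluate(rules, src)}")
```

Under the assumed first-match model, the block-first ordering rejects 168.68.68.68 along with the rest of 168.68.XX.XX, while placing the narrower allow rule above the block admits it and still rejects the other addresses.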
