Need to block an IP on my local network to HA PI

Hello, I need to block an IP, it’s an echo dot with a static IP, from seeing my Pi. Before Hassio, I used UFW on the PI to do it, but see there isn’t a firewall now.
Is there a way to do this with Hassio?

I think there is a blocked networks setting? Just use a /32 mask or netmask to specify one ip address.

Enable IP ban in the http section of your config.

Add a new entry following the format linked below in a new file named ip_bans.yaml

Hi silvrr,
I did add the http block, thanks for that it is good to know, but it didn’t block the dots from accessing the emulated _hue. I’ve should have mentioned that one in the original post.
The reason to block the dots is so they do not discover any devices on my HA, so I need just to block them totally from the Hassio PI.
I’ll keep on looking - Thanks for your help.

ahhh, I think the http block only blocks the 8123 frontend and api. The emulated hue service is on 8300.

I assume you have something else, another echo, that you want to access the bridge?

Are you running the image or on Linux?
If on Linux you should be able to use the OS firewall to block access.

Yes, I have two echos I want to block, in my mothers house, all mine see the devices.
Don’t want her turning off and on my stuff :wink:

Are the echos in your mothers house on the same network and/or are they linked to the same account?

I’m running the image on a PI3. I did use UFW before I went to the image.

They are on a different Amazon account, same network. We all live on the same farm. I bought a wireless mesh to cover the place. So I can’t use my network firewall to block the LAN ips. They all go thru the wireless.

How about turning off discovery for dots and manually specifying yours?

That would work, I use the customize.yaml file to turn off hue discovery for a lot of things. I do have quite a few things and scripts to add, then if Alexa forgot all, that would suck :slight_smile: Not real sure how you would add a light or script if the echo didn’t discover it.
SO, I’ve decided to try to make my own add-on with UFW firewall. If DHCP, SSH and stuff works, seems like I could do a UFW.
Having a firewall on the HA PI would be useful in a lot of situations, if on a network with others or just to block all ports but 8123, 443 and 22.
Will be my first one - so should be fun. I’m sure I’ll lock myself out at one point :slight_smile:
Thanks all.

BTW - if making a firewall add-on isn’t possible, someone pls shout out.

hi , im interested on how you build the firewall