Port Alias
-
Hello,
I am having an issue using a port alias with particular rules and wanted to run it by the community to see if I am missing something in my understanding of port aliases.
I have created a port alias with 1:24, 26:52, 54:586, 588:65535 for port ranges. When creating rules with TCP/UDP protocol, my goal is to use this alias to equate to "all ports except for 25, 53, and 587". So if I reject all packets against this alias, the source will still have access to 25, 53, and 587.
Am I correct in this logic?
Thanks.
-
Yes.
-
Sweet! Thanks!
-
Another way that might make more sense when someone (possibly years from now) is reading the rule set would be to make four rules:
pass TCP 25
pass TCP 587
pass TCP/UDP 53
reject any
You could combine 25 and 587 into a port alias but not sure it's worth it for just two ports. Anyway, that's what I would do.
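
As an added example (not part of the original thread), the following Python sketch checks the range arithmetic behind the alias in the first post: it lists the ports a set of `low:high` entries leaves uncovered, and builds the entries for a given exception list. The function names are hypothetical, and the script only models the alias contents, not firewall rule ordering or protocol matching.

```python
"""Added example: check which ports a colon-style port alias leaves uncovered."""


def parse_alias(entries):
    """Parse entries such as '1:24' or '53' into sorted (low, high) tuples."""
    ranges = []
    for entry in entries:
        low, _, high = entry.strip().partition(":")
        low = int(low)
        high = int(high) if high else low
        if not (1 <= low <= high <= 65535):
            raise ValueError(f"invalid port range: {entry!r}")
        ranges.append((low, high))
    return sorted(ranges)


def uncovered_ports(entries):
    """Return the ports in 1..65535 that no alias entry matches."""
    gaps = []
    next_port = 1
    for low, high in parse_alias(entries):
        if low > next_port:
            gaps.extend(range(next_port, low))
        # max() keeps overlapping or nested ranges from moving the cursor back
        next_port = max(next_port, high + 1)
    gaps.extend(range(next_port, 65536))
    return gaps


def alias_for_exceptions(exceptions):
    """Build the alias entries that cover every port except the given ones."""
    entries = []
    start = 1
    for port in sorted(set(exceptions)):
        if port > start:
            entries.append(f"{start}:{port - 1}" if port - 1 > start else str(start))
        start = port + 1
    if start <= 65535:
        entries.append(f"{start}:65535" if start < 65535 else "65535")
    return entries


# The alias from the first post in the thread.
POSTED_ALIAS = ["1:24", "26:52", "54:586", "588:65535"]

if __name__ == "__main__":
    print(uncovered_ports(POSTED_ALIAS))
    print(alias_for_exceptions([25, 53, 587]))
```

Running the same check after any later edit to the alias catches off-by-one boundaries, such as an entry of `587:65535`, which would put port 587 back inside the rejected set.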