Pfblocker ports
-
Hi everyone
I configured a VLAN isolated from the main network to connect guests, and I also enabled pfBlockerNG on this network.
But I noticed some requests from the guest network router to the VIP address of DNSBL, blocked by one of my rules, such as UDP port 443 or TCP port 4070.
The NAT rules of the main network and the hidden rules added to the guest network by pfBlocker should only allow TCP ports 80, 443, 8446 and 8448.
I would like to know if other TCP and UDP ports should be used besides those mentioned.
Thanks for your help.
-
Does anyone know the ports used?
-
@BBcan177 could you tell me if other ports should be used besides those mentioned? Thanks for your help.
-
In the DNSBL tab, there is an option to create a Permit rule to allow VLANs to hit the DNSBL VIP on the open ports.
-
@BBcan177 said in Pfblocker ports:
In the DNSBL tab, there is an option to create a Permit rule to allow VLANs to hit the DNSBL VIP on the open ports.
I have already used that setting to select the two VLANs, but randomly UDP 443 and TCP 4070 are also requested.
-
@mikekoke said in Pfblocker ports:
@BBcan177 said in Pfblocker ports:
In the DNSBL tab, there is an option to create a Permit rule to allow VLANs to hit the DNSBL VIP on the open ports.
I have already used that setting to select the two VLANs, but randomly UDP 443 and TCP 4070 are also requested.
Not by DNSBL. Maybe the device that has domains being blocked tries to hit those ports?
https://www.speedguide.net/port.php?port=4070
-
Thanks, so I'm sure I'm not blocking any DNSBL ports.
I will try to understand which device requires those ports; the problem is that neighbors are connected to the guest network.
-
@BBcan177 said in Pfblocker ports:
@mikekoke said in Pfblocker ports:
@BBcan177 said in Pfblocker ports:
In the DNSBL tab, there is an option to create a Permit rule to allow VLANs to hit the DNSBL VIP on the open ports.
I have already used that setting to select the two VLANs, but randomly UDP 443 and TCP 4070 are also requested.
Not by DNSBL. Maybe the device that has domains being blocked tries to hit those ports?
https://www.speedguide.net/port.php?port=4070
The device that continues to connect to UDP port 443 is a Sony Android smartphone, but it is not possible to specify which one.
It appears that the connection to UDP port 443 is linked to a warning in DNSBL.
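
One way to see which guest devices are hitting the DNSBL VIP on ports other than the four permitted ones, as an added example that is not from any poster in this thread: a tally over pfSense filterlog CSV entries (IPv4 TCP/UDP only). The VIP `10.10.10.1`, the interface name and the sample log lines are constructed assumptions; the allowed ports are the ones listed in the first post.

```python
from collections import Counter

# Assumption: the DNSBL VIP; use the address configured in the DNSBL tab.
DNSBL_VIP = "10.10.10.1"
# TCP ports named in the thread as the ones the pfBlockerNG rules allow.
ALLOWED = {("tcp", 80), ("tcp", 443), ("tcp", 8446), ("tcp", 8448)}

# Constructed sample entries in the filterlog CSV layout for IPv4:
# rule,subrule,anchor,tracker,iface,reason,action,dir,ipver,tos,ecn,ttl,id,
# offset,flags,proto-id,proto,length,src,dst,srcport,dstport,...
SAMPLE = """\
Mar  3 21:14:07 filterlog[61234]: 5,,,1000000103,igb1.30,match,block,in,4,0x0,,64,4123,0,DF,17,udp,1278,192.168.30.21,10.10.10.1,51544,443,1258
5,,,1000000103,igb1.30,match,block,in,4,0x0,,64,4124,0,DF,17,udp,1278,192.168.30.21,10.10.10.1,51544,443,1258
5,,,1000000103,igb1.30,match,block,in,4,0x0,,64,0,0,DF,6,tcp,60,192.168.30.34,10.10.10.1,40112,4070,0,S,2891,,65535,,mss
9,,,1770009999,igb1.30,match,pass,in,4,0x0,,64,0,0,DF,6,tcp,60,192.168.30.34,10.10.10.1,40200,443,0,S,77,,65535,,mss
5,,,1000000103,igb1.30,match,block,in,4,0x0,,64,0,0,DF,6,tcp,60,192.168.30.34,192.168.1.10,40300,8081,0,S,99,,65535,,mss
"""

def unexpected_vip_hits(lines, vip=DNSBL_VIP, allowed=ALLOWED):
    """Count blocked IPv4 TCP/UDP packets sent to the VIP on ports outside
    `allowed`, keyed by (source IP, protocol, destination port)."""
    hits = Counter()
    for line in lines:
        # Assumption: the CSV payload contains no spaces, so it is the last
        # whitespace-separated token whether or not a syslog prefix is present.
        f = line.strip().rsplit(" ", 1)[-1].split(",")
        if len(f) < 22 or f[8] != "4":
            continue  # blank/truncated entry, or not IPv4
        action, proto, src, dst = f[6], f[16], f[18], f[19]
        if action != "block" or dst != vip or proto not in ("tcp", "udp"):
            continue
        port = int(f[21])
        if (proto, port) not in allowed:
            hits[(src, proto, port)] += 1
    return hits

if __name__ == "__main__":
    ranked = unexpected_vip_hits(SAMPLE.splitlines()).most_common()
    for (src, proto, port), count in ranked:
        print(f"{src:15} {proto}/{port:<5} blocked x{count}")
```

The source addresses it reports can then be matched against the DHCP leases of the guest VLAN to identify the devices.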