Netgate Discussion Forum

    Invert port alias in rule

    Firewalling
    MaxBishop
    last edited by MaxBishop

      I use a LAN rule to allow only specific outbound port requests (80, 443, 22, etc.). Occasionally someone decides to provide a service on a non-standard port. When a hapless local user can't get to such a site I would like to log the anomalous port request.

      In short, I would like to match requests to destination ports not included in my allowOut alias.

      How can I invert a port alias match?

      Derelict (LAYER 8, Netgate)

        You can just put a reject rule after that rule to TCP port any that logs. Only traffic that does not match the pass rule(s) above it will reach it and be logged. No reason to exclude the matching "good" traffic in that rule itself.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

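As an added illustration (not code from the thread or from pfSense itself), here is a small first-match rule evaluator showing why the ordering Derelict describes logs exactly the destination ports that are not in the alias, with no inverted alias needed. The port numbers and sample flows are constructed, and the "block" result stands in for pfSense's implicit default deny at the end of the rule set.

```python
from dataclasses import dataclass
from typing import Optional

# The "allowOut" alias from the question (constructed port list for illustration).
ALLOW_OUT = {22, 80, 443}

@dataclass
class Rule:
    action: str                      # "pass" or "reject"
    proto: str                       # "tcp", "udp" or "any"
    dst_ports: Optional[set] = None  # None means "any destination port"
    log: bool = False
    descr: str = ""

# Rule order as suggested: pass the alias ports first, then a logging TCP reject.
LAN_RULES = [
    Rule("pass", "tcp", ALLOW_OUT, descr="allow alias ports out"),
    Rule("reject", "tcp", None, log=True, descr="log everything else on TCP"),
]

def evaluate(rules, proto, dport, log):
    """First-match evaluation, as pfSense rules behave (they are 'quick' in pf terms).
    Appends (proto, dport, descr) to `log` when the matching rule has logging enabled.
    Returns the matching rule's action, or 'block' for the implicit default deny."""
    for rule in rules:
        if rule.proto != "any" and rule.proto != proto:
            continue
        if rule.dst_ports is not None and dport not in rule.dst_ports:
            continue
        if rule.log:
            log.append((proto, dport, rule.descr))
        return rule.action
    return "block"

def logged_flows(rules, flows):
    """Run a list of (proto, dport) flows through the rules; return the set of logged flows."""
    log = []
    for proto, dport in flows:
        evaluate(rules, proto, dport, log)
    return {(proto, dport) for proto, dport, _ in log}

# Constructed sample flows: alias ports, two non-standard ports, and one UDP flow.
SAMPLE_FLOWS = [("tcp", 80), ("tcp", 443), ("tcp", 22),
                ("tcp", 8080), ("tcp", 8443), ("udp", 5353)]

if __name__ == "__main__":
    print(sorted(logged_flows(LAN_RULES, SAMPLE_FLOWS)))
```

Note that the UDP flow is never logged: the catch-all reject only matches TCP, so it falls through to the silent default deny. Add a matching UDP (or "any") reject-and-log rule if those misses should show up in the log too.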
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.