Netgate Discussion Forum

    "Many to one" outbound port rule

    • EthicalSecurityHacker

      I noticed in my firewall logs that my computer keeps rotating outbound ports with the intent to connect on the other side with 443.

      I have been doing some research, but I suspect I do not know what the search term is I need to identify the solution. The almighty Google has failed to interpret what I need to a workable solution.

      I believe I'm looking to do a "many to one" outbound firewall rule.
      I believe the many should be any higher range port and map it to 443.
      Could this be outbound port forwarding? Not sure if that is even a thing.
      I would think I could proxy that port somehow. I feel I'm overcomplicating it.

      I tried a rule to allow 443 to a specific IP, but it seems to be blocking since I'm not talking outbound on 443.
      I tried to write rules for these random ports, but it seems to pick a different one on every attempt to make the connection (dynamic port selection).

      Could someone please help me by pointing me to documentation to continue my research?
      Please and thank you.

      • hieroglyph

        What is the end goal here?
        This sounds like the way things are supposed to work.

        Source devices pick a random port for each outbound connection they want to initiate.

        If I have x3 tabs open in my web browser (gmail.com, bank.com, and movie.com) my device will choose x3 random ports that look something like this:

        192.168.1.11:23456 --> gmail.com:443
        192.168.1.11:34567 --> bank.com:443
        192.168.1.11:45678 --> movie.com:443

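The behaviour described in the reply above, as an added example that is not part of the original thread: three connections to one service get three different OS-chosen source ports, so only a rule written as "source port any, destination port fixed" matches them. Assumptions: a loopback listener on an OS-assigned port stands in for the remote server on 443, and the rule dictionaries are a hypothetical simplified model, not pfSense configuration.

```python
import socket


def observe_flows(n=3):
    """Open n TCP connections to one loopback listener.

    Returns a list of (source_port, destination_port), one per connection.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # constructed stand-in for a server on 443
    listener.listen(n)
    dst_port = listener.getsockname()[1]
    clients, flows = [], []
    try:
        for _ in range(n):
            c = socket.create_connection(("127.0.0.1", dst_port))
            clients.append(c)  # kept open so each flow holds its own source port
            flows.append((c.getsockname()[1], dst_port))
    finally:
        for c in clients:
            c.close()
        listener.close()
    return flows


def rule_matches(rule, src_port, dst_port):
    """Hypothetical rule model: each field is a port number, or None for 'any'."""
    return (rule["src_port"] in (None, src_port)
            and rule["dst_port"] in (None, dst_port))


def evaluate(flows):
    """Count how many observed flows each style of allow rule would match."""
    service = flows[0][1]
    by_destination = {"src_port": None, "dst_port": service}  # source any
    by_source = {"src_port": service, "dst_port": None}       # pins the client port
    return {
        "by_destination": sum(rule_matches(by_destination, s, d) for s, d in flows),
        "by_source": sum(rule_matches(by_source, s, d) for s, d in flows),
    }


if __name__ == "__main__":
    observed = observe_flows()
    for src, dst in observed:
        print(f"127.0.0.1:{src} --> 127.0.0.1:{dst}")
    print(evaluate(observed))
```
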
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.