How to create a PTR Record rule?

Reply to How to create a PTR Record rule? on Wed, 26 Jan 2022 13:36:34 GMT

johnpoz — Wed, 26 Jan 2022 13:36:34 GMT

@wellcomefit ASN is Autonomous System Number, this is what defines a group of IP prefixes..

But teamviewer could be honestly pretty much anywhere on the planet from here.

https://www.teamviewer.com/en-us/trust-center/faq/ with pretty much all the major CDNs

So that pretty much wouldn't do you much good.. whitelisting *.teamviewer.com would be what you do when you use a proxy, not a firewall. For that just open up port 5389.

Reply to How to create a PTR Record rule? on Wed, 26 Jan 2022 13:11:44 GMT

somerino — Wed, 26 Jan 2022 13:11:44 GMT

@johnpoz Thanks for your reply.

I'm trying to whitelist anything.teamviewer.com for Port 5389 TCP/UDP.
What is an ASN? I never used pfblocker. So this extension is capable of creating an allow list of all IP addresses which are owned by teamviewer?

Reply to How to create a PTR Record rule? on Wed, 26 Jan 2022 11:01:31 GMT

johnpoz — Wed, 26 Jan 2022 11:01:31 GMT

@wellcomefit your trying to block all access to anything.teamviewer.com ? That would not really be possible with an alias.. How could you possible resolve any and all possible combinations of anything.domain.tld

You could prevent anything.domain.tld resolving for the client if using pfsense as their dns, so they wouldn't know what IP to go to - if that your goal. But there would be no way to populate a alias with IPs for anything.domain.tld - the combinations are almost infinite, etc.

Are you trying to whitelist so clients could only go to something.teamviewer.com ? Possible solution there would be to find out what ASN, ie the network they are using to host.. And then using pfblocker you could easy find all the ips/networks used by that ASN.. And then use that alias in an allow list, etc.