Netgate Discussion Forum

How to create a PTR Record rule?

  • S
    somerino
    last edited by Jan 26, 2022, 10:24 AM

    I know you can create an ALIAS for one specific URL. But for example Teamviewer is using multiple subdomains: *.teamviewer.com
    How do I create a rule for something like that?

    Thanks for your help!

    • J
      johnpoz LAYER 8 Global Moderator @somerino
      last edited by johnpoz Jan 26, 2022, 11:01 AM Jan 26, 2022, 10:59 AM

      @wellcomefit you're trying to block all access to anything.teamviewer.com? That would not really be possible with an alias.. How could you possibly resolve any and all possible combinations of anything.domain.tld?

      You could prevent anything.domain.tld resolving for the client if using pfsense as their dns, so they wouldn't know what IP to go to - if that's your goal. But there would be no way to populate an alias with IPs for anything.domain.tld - the combinations are almost infinite, etc.

      Are you trying to whitelist so clients could only go to something.teamviewer.com? Possible solution there would be to find out what ASN, ie the network they are using to host.. And then using pfblocker you could easily find all the IPs/networks used by that ASN.. And then use that alias in an allow list, etc.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

      • S
        somerino @johnpoz
        last edited by Jan 26, 2022, 1:11 PM

        @johnpoz Thanks for your reply.

        I'm trying to whitelist anything.teamviewer.com for Port 5389 TCP/UDP.
        What is an ASN? I never used pfblocker. So this extension is capable of creating an allow list of all IP addresses which are owned by teamviewer?

        • J
          johnpoz LAYER 8 Global Moderator @somerino
          last edited by johnpoz Jan 26, 2022, 1:36 PM Jan 26, 2022, 1:34 PM

          @wellcomefit ASN is Autonomous System Number, this is what defines a group of IP prefixes..

          But teamviewer could be honestly pretty much anywhere on the planet from here.

          https://www.teamviewer.com/en-us/trust-center/faq/ with pretty much all the major CDNs

          So that pretty much wouldn't do you much good.. whitelisting *.teamviewer.com would be what you do when you use a proxy, not a firewall. For that just open up port 5389.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11
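
The last reply says that whitelisting *.teamviewer.com is a job for a proxy rather than a firewall alias: a proxy or DNS filter sees the requested hostname and can match it against the wildcard, while a firewall alias only holds resolved IPs. The sketch below is an added example, not code from this thread or from pfSense, showing that name check done on whole DNS labels so look-alike domains do not pass; `ALLOWED_PATTERNS`, the function names and the sample hostnames are assumptions made for illustration.

```python
# Added example: hostname allowlisting as a name-aware proxy or DNS filter
# would apply it. Pattern list and function names are hypothetical.

ALLOWED_PATTERNS = ["*.teamviewer.com"]


def normalize(name):
    """Lower-case, drop one trailing root dot, split into DNS labels."""
    name = name.strip().lower()
    if name.endswith("."):
        name = name[:-1]
    labels = name.split(".") if name else []
    if any(label == "" for label in labels):
        raise ValueError(f"empty label in hostname: {name!r}")
    return labels


def host_matches(pattern, hostname):
    """Compare whole labels, so 'evilteamviewer.com' never passes '*.teamviewer.com'."""
    host = normalize(hostname)
    if pattern.startswith("*."):
        suffix = normalize(pattern[2:])
        # A wildcard needs at least one label in front of the suffix;
        # the bare domain is not covered by '*.domain.tld'.
        return len(host) > len(suffix) and host[-len(suffix):] == suffix
    return host == normalize(pattern)


def is_allowed(hostname, patterns=ALLOWED_PATTERNS):
    """Return True only if the hostname matches an allowlisted pattern."""
    try:
        return any(host_matches(p, hostname) for p in patterns)
    except ValueError:
        return False  # malformed names are rejected, not guessed at


if __name__ == "__main__":
    # Constructed sample hostnames, not taken from real traffic.
    for h in ["router1.teamviewer.com", "a.b.TeamViewer.com.",
              "evilteamviewer.com", "teamviewer.com.example.net",
              "teamviewer.com", "x..teamviewer.com"]:
        print(f"{h:30} allowed={is_allowed(h)}")
```

A naive `hostname.endswith("teamviewer.com")` check would accept `evilteamviewer.com`, which is why the comparison is done per label.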

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.