Block all ports, leave only the "basic needs" (because of P2P)
-
Hi, I have a box with 2 NICs (LAN, WAN-PPPoE).
I would like to close all ports on the firewall and leave only the ports for HTTP(S), Messenger, and FTP (because of P2P).
I can disable the default rule on the LAN and set everything by hand; in this case, do I have to create the same rules on the WAN interface?
Or is there a better way to do this?
PS: I have Snort running (once again because of P2P) and Captive Portal.
-
You enter rules on the interface where the traffic originates. So to allow/deny traffic initiated from your LAN to the Internet, use LAN rules. To allow/deny inbound traffic initiated from the Internet, use WAN rules.
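As an added illustration of that rule placement (written for this thread, not taken from the original posts or from the config pfSense generates), here is a hand-written pf ruleset for the setup described in the question. The interface names, the LAN subnet, the DNS rule and the Messenger port 1863/tcp are assumptions.

```pf
# Assumed interface names and LAN subnet (not from the thread).
lan_if  = "em0"
wan_if  = "pppoe0"
lan_net = "192.168.1.0/24"

# TCP ports the LAN may reach: HTTP, HTTPS, FTP control, MSN Messenger (1863, assumed).
allowed_tcp = "{ 80, 443, 21, 1863 }"

# Default deny on every interface; log the blocks so P2P attempts show up in the firewall log.
block log all

# LAN rules: traffic that originates on the LAN is evaluated here.
# "keep state" creates a floating state entry, so the replies coming back in on the
# WAN are matched by state and need no WAN rule at all.
pass in quick on $lan_if proto tcp from $lan_net to any port $allowed_tcp flags S/SA keep state

# DNS is needed for any of the above to work (assumed resolver access, 53/udp).
pass in quick on $lan_if proto udp from $lan_net to any port 53 keep state

# WAN rules: only traffic initiated from the Internet is evaluated here.
# With no pass rule, nothing inbound is accepted; LAN-initiated sessions are already
# covered by their state entries. (The PPPoE session itself and the Captive Portal
# redirect are handled outside this ruleset.)
```

Note that 21/tcp covers only the FTP control channel; FTP data connections and the dynamic RTP ports quoted later in the thread are not covered by a fixed port list like this one.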
-
Thanks, that's what I was thinking.
I'm having a bit of a problem enabling MSN video conference ports. I looked around and found they are dynamic and Microsoft recommends a huge port range: "The actual Real-time Transport Protocol (RTP) streams are sent using dynamically allocated UDP ports in the range of 5004–65535. Without a way to open these UDP ports on any firewall in the path dynamically, the streams fail to reach their destination."
From: http://technet.microsoft.com/en-us/library/b9bd86b1-a604-d747-b219-bb2ac5473e87.aspx#EKAA
It was better to say leave everything open :P