Restrict internet traffic to given ports



  • Hi guys,
    sorry if it was already discussed but I didn't find it on the forum, so my apologies.

    I'm trying to restrict internet traffic on my LAN, but I have some problems on port 80.
    I wrote the following rule in the LAN tab:

    TCP "LAN net" * * ALLOWED_TCP_PORTS * none

    where "ALLOWED_TCP_PORTS" is an alias for 443,80,2095

    Well, the 443 and 2095 works like a charm, but the 80 no!
    I can't reach any website on port 80, only 443 (HTTPS).
    If I rewrote the rule as:

    TCP "LAN net" * * 80 * none
    it still not works.

    Sniffing the traffic I saw that I correctly resolve the DNS name and then send the SYN packet to the website on port 80…but I never get the website packet back so I cannot connect to.

    If need other info please let me know,
    Thank you


Log in to reply