Netgate Discussion Forum

    Does the NOT option also include the port setting?

      pubmsu

      Hi,

      While defining rules, if we select the NOT option (to invert the sense of the following source or destination setting), does it also include the port setting?

      For instance, if I want to define a rule that'll pass all UDP traffic except when destination has certain BitTorrent ports (but any destination host), can we implement this as NOT of destination, where host is ANY and port is an alias like BitTorrentPorts (which defines such ports)?

      Thanks!
      pubmsu

        johnpoz LAYER 8 Global Moderator

        You can use NOT on dest and/or ports, etc.

        So sure you could put any and NOT an alias with ports in it, so for example if your alias had ports 5678 and port 1234 in there.  And you were trying to go to 9000 it would work, anything that is NOT those 2 ports would work.

        Keep in mind that bittorrent can run on any port really.. Could be anything really >1024

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

          pubmsu

          Thanks a lot for confirming!

          Bittorrent is really tough to control it seems.

            kpa

            @johnpoz:

            You can use NOT on dest and/or ports, etc.

            So sure you could put any and NOT an alias with ports in it, so for example if your alias had ports 5678 and port 1234 in there.  And you were trying to go to 9000 it would work, anything that is NOT those 2 ports would work.

            Keep in mind that bittorrent can run on any port really.. Could be anything really >1024

            Including ports under 1024 because you can run a torrent daemon with root privileges if you're brave enough to do so.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.