Block all traffic on an interface except HTTP/HTTPS (Layer 7)

  • I'd like to be able to block all traffic on an interface except HTTP/HTTPS. I know that I can simply setup a rule that would block all ports except 80 and 443. But the issue is that if someone is using a P2P program and sets it on one of those ports, that firewall rule won't catch it. How would I go about setting up a rule to only allow web traffic?

  • LAYER 8 Netgate

    If someone establishes an SSL connection, firewalls cannot see inside the tunnel to determine the exact nature of the communication.  Sorry.

  • All of the methods people use to try to examine and filter the contents of HTTPS amount to a MITM attack.  Which is about the same as breaking HTTPS.

Log in to reply