Allow Group Of Ports



  • Hi All,
    I have a Some list of ports have to allow, and i have to block other ports. I Created Aliases for Allowed ports . but how add this port aliases to firewall rules?



  • On the rules page, editing the rule, Destination port range select other, then put the aliases name the box.  Source port is found under the advanced tab and should work the same way.

    At least that's what I have in my rules.



  • Thank You.. May i Know How to Block Other Ports Not mentioned on that List?



  • If the rule is a Pass rule and you specify a range of ports,  by definition it blocks ports not on that list.



  • is there any way to check those ports are allowed or Not?



  • It starts with default deny:  Block everything unless there is a rule to pass it.

    If you get to the console or ssh in, output of the command "pfctl -s rules" shows the rules that are currently active and order of evaluation.  Start at the top and go down, see what's passed and what's blocked.  Should be "last match wins unless there is a quick on the rule".

    Or you could simply test, trying to connect or send traffic to the ports/destinations that you want to block.  One should always test against their desired requirements, not simply assume that "it should work".


  • Netgate

    If it is not passed it is blocked.