  1. #1

    Firewall Rules question.

    In this example,

    Rule 3
    Source IP : 192.168.120.0
    Source Port : Any
    Dest Port: Any
    Destination Port : Any
    Action: Allow

    Rule 4
    Source IP : 192.168.120.0
    Source Port : Any
    Dest Port: 192.168.120.4 ( DNS server )
    Destination Port : 53
    Action: Allow

    Doesn't rule 3 nullify rule 4, as rule 3 allows 192.168.120.0 to connect to anything on any port, which means that it could connect to the DNS server as well?

  2. #2
    Force Flow
    It doesn't "nullify" it.

    However, by having rule 3 in place, rule 4 is unnecessary.

    However, to ensure that things are kept as secure as possible, I would try to be as granular as possible and not use a carte blanche rule like rule 3.

    If things aren't working as you anticipated, there could be other rules interfering with the rules you listed. That said, is there something that isn't working properly?

  3. #3
    ScallioXTX
    I agree with ForceFlow. Opening everything is never a good idea.
    I always create rules for the ports I want open (generally only 22, 80 and 443) and then create a catch-all rule that blocks everything else.
    Rémon - Hosting Advisor
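
Added example, not part of the thread: a small Python check that flags a rule fully covered by an earlier one (rule 4 under rule 3) and compares the allow-any rule set with a granular one that ends in a catch-all block. Assumptions: 192.168.120.0 is treated as a /24, rules are evaluated first-match, source port and protocol are left out because both rules use Any, and all names in the code are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

ANY_PORT = range(0, 65536)

@dataclass(frozen=True)
class Rule:
    name: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dports: range
    action: str  # "allow" or "deny"

    def covers(self, other):
        """True if every packet matched by `other` is also matched by this rule."""
        return (other.src.subnet_of(self.src) and other.dst.subnet_of(self.dst)
                and other.dports.start >= self.dports.start
                and other.dports.stop <= self.dports.stop)

    def matches(self, src, dst, dport):
        return (ipaddress.ip_address(src) in self.src
                and ipaddress.ip_address(dst) in self.dst and dport in self.dports)

def rule(name, src, dst, dport, action):
    """Build a Rule; dport=None means Any."""
    ports = ANY_PORT if dport is None else range(dport, dport + 1)
    return Rule(name, ipaddress.ip_network(src), ipaddress.ip_network(dst), ports, action)

def covered_rules(rules):
    """Return (later, earlier, kind) for each rule that an earlier rule fully covers."""
    found = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if earlier.covers(later):
                kind = "redundant" if earlier.action == later.action else "shadowed"
                found.append((later.name, earlier.name, kind))
                break
    return found

def decide(rules, src, dst, dport, default="deny"):
    """First-match evaluation; `default` applies when no rule matches."""
    return next((r.action for r in rules if r.matches(src, dst, dport)), default)

LAN = "192.168.120.0/24"  # assumed mask; the thread gives only 192.168.120.0
THREAD_RULES = [rule("rule 3", LAN, "0.0.0.0/0", None, "allow"),
                rule("rule 4", LAN, "192.168.120.4/32", 53, "allow")]
# Constructed granular alternative: keep the DNS rule, block everything else.
GRANULAR = [rule("dns", LAN, "192.168.120.4/32", 53, "allow"),
            rule("catch-all", "0.0.0.0/0", "0.0.0.0/0", None, "deny")]
```

`covered_rules(THREAD_RULES)` reports rule 4 as redundant under rule 3, and `decide` shows that a constructed flow such as 192.168.120.17 to 203.0.113.9 on port 3389 is allowed by the thread's rules but denied by the granular set.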
