Author Topic: Block WAN TCP/25 (Read 5521 times)

mitchskis · « **on:** December 30, 2016, 06:01:41 pm »

Hello,

I'm a bit perplexed. Perhaps someone can point me toward documentation.

I'm trying to block all TCP/25 traffic from transiting the WAN connection.

For the WAN firewall I set the following rule --
REJECT
Proto: TCP
Source: *
Port: *
Destination: *
Port: 25
Gateway: *

This properly rejects all incoming port tcp/25. It does not reject traffic from the LAN, OPT1, OPT2, or IPSEC interfaces. If I make rules on each LAN, OPT1, ... interface then it drops the incoming traffic. I can't seem to set any outgoing firewall rules.

Any pointers would be appreciated.

fabian · « **Reply #1 on:** December 30, 2016, 08:02:41 pm »

use a quick floating rule - you can set "in" or "out" there. Interface rules are always "in". Another idea: Use a negated destination for your rule.

Regards,

Fabian

mitchskis · « **Reply #2 on:** December 30, 2016, 09:19:47 pm »

Thanks, this is what I was looking for.

I moved the rule to from WAN to Floating, selected all interfaces, set the Gateway to WAN_GW, and set the direction to out. This rejects all outbound SMTP traffic will allowing internetwork OPT<->LAN SMTP traffic.

mitchskis · « **Reply #3 on:** December 30, 2016, 09:31:37 pm »

Is there any "any interface" option, or does one need to select all interfaces for each rule?

fabian · « **Reply #4 on:** December 30, 2016, 09:34:28 pm »

If you don't select an interface it is equal to any

mitchskis · « **Reply #5 on:** December 30, 2016, 10:02:48 pm »

Thanks!

Author Topic: Block WAN TCP/25 (Read 5521 times)

mitchskis

Block WAN TCP/25

fabian

Re: Block WAN TCP/25

mitchskis

Re: Block WAN TCP/25

mitchskis

Re: Block WAN TCP/25

fabian

Re: Block WAN TCP/25

mitchskis

Floating Firewall Rules