Question how to enter port ranges in WAN rules
I need to block port ranges to stop hackers coming through browser
IPP/631 virus for instance
22/ssh
etc
You have to make a rule to stop hackers who have a connection
So I need broad port ranges 1:4000
Maybe it's worth going one step back: What rules do you have on the WAN interface? Per default there are no open ports on it.
You can enter from port and to port in firewall rules or create an alias and use that. Still the question stands: since WAN already blocks everything by default, what did you change?
Thanks everyone
Ok
My WAN rules are default
I understand how they block a "new" incoming connection
I have opnsense on one box and my operating system on another
There is a firewall, ufw defaults on the OS, and blocked ssh and ftp
The bad guys enter the OS through the browser
Side note: they steal my logs, read them, find lan ip, enter opnsense, steal those logs
So I'm trying to block connections from servers who have a connection, opening ports that should not be open
So example is I can block servers "with a connection" only by manually denying a port and direction
The defaults are for incoming new ports, not established communications, if that helps
So my question is
Is there syntax to deny more than one port at a time
I don't want to enter them one at a time, like 1:52,54:442,442:546, etc. Does that work?
I do know a bit about iptables and ufw, both front ends
And I want to block them from carrying out some attacks through my system
Thanks
Got it
thanks everyone
select protocol and then select from and to port ranges
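Added example, not part of the thread: a Python helper that validates a comma-separated port list like the one in the question and merges overlapping or adjacent ranges into one entry each, suitable for a port alias. It assumes the alias takes ranges written as low:high; the function names and the 1 to 4000 coverage check are illustrative.

```python
import re

SPEC = "1:52,54:442,442:546"  # the list quoted in the question

def parse_ports(spec):
    """Turn '1:52,80' into [(1, 52), (80, 80)], rejecting anything malformed."""
    ranges = []
    for item in filter(None, (s.strip() for s in spec.split(","))):
        m = re.fullmatch(r"(\d+)(?:\s*[:-]\s*(\d+))?", item)
        if not m:
            raise ValueError(f"not a port or range: {item!r}")
        low = int(m.group(1))
        high = int(m.group(2)) if m.group(2) else low
        if not 1 <= low <= high <= 65535:
            raise ValueError(f"reversed or outside 1-65535: {item!r}")
        ranges.append((low, high))
    return ranges

def merge(ranges):
    """Collapse overlapping or directly adjacent ranges."""
    merged = []
    for low, high in sorted(ranges):
        if merged and low <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], high))
        else:
            merged.append((low, high))
    return merged

def alias_entries(spec):
    """One alias line per merged range, in low:high form (assumed syntax)."""
    return [str(l) if l == h else f"{l}:{h}" for l, h in merge(parse_ports(spec))]

def uncovered(spec, low=1, high=4000):
    """Ranges inside [low, high] that the list does NOT cover."""
    gaps, nxt = [], low
    for l, h in merge(parse_ports(spec)):
        if l > high:
            break
        if l > nxt:
            gaps.append((nxt, min(l - 1, high)))
        nxt = max(nxt, h + 1)
    if nxt <= high:
        gaps.append((nxt, high))
    return gaps

if __name__ == "__main__":
    print("alias entries:", alias_entries(SPEC))
    print("left open in 1:4000:", uncovered(SPEC))
```

The coverage check makes gaps visible before the alias is attached to a block rule: with the quoted list, port 53 and everything above 546 stay outside the alias.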