Block WAN TCP/25

Started by mitchskis, December 30, 2016, 06:01:41 PM

Hello,

I'm a bit perplexed. Perhaps someone can point me toward documentation.

I'm trying to block all TCP/25 traffic from transiting the WAN connection.

For the WAN firewall I set the following rule --
REJECT
Proto: TCP
Source: *
Port: *
Destination: *
Port: 25
Gateway: *

This properly rejects all incoming port tcp/25. It does not reject traffic from the LAN, OPT1, OPT2, or IPSEC interfaces. If I make rules on each LAN, OPT1, ... interface then it drops the incoming traffic. I can't seem to set any outgoing firewall rules.

Any pointers would be appreciated.

Use a quick floating rule - you can set "in" or "out" there. Interface rules are always "in". Another idea: Use a negated destination for your rule.

Regards,

Fabian

Thanks, this is what I was looking for.

I moved the rule from WAN to Floating, selected all interfaces, set the Gateway to WAN_GW, and set the direction to out. This rejects all outbound SMTP traffic while allowing internetwork OPT<->LAN SMTP traffic.

Is there any "any interface" option, or does one need to select all interfaces for each rule?

If you don't select an interface, it is equal to any.

December 30, 2016, 10:02:48 PM #5 Last Edit: December 30, 2016, 10:04:33 PM by mitchskis
Thanks!
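
The rule-direction behaviour discussed in this thread, as an added example that is not part of the original posts and is not OPNsense or pf code: a toy Python model of why an interface rule on WAN (always "in") misses LAN-originated SMTP while a floating rule with direction "out" catches it. The interface names, the pass-by-default policy and applying the floating rule to WAN only are assumptions made for the illustration.

```python
# Added illustration: toy model of per-interface, per-direction rule matching.
# Not OPNsense or pf code; interface names and the default-pass policy are assumptions.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str     # "reject" or "pass"
    direction: str  # "in" or "out"
    interface: str  # "*" means any interface
    proto: str
    dport: int

@dataclass(frozen=True)
class Packet:
    ingress: str  # interface the packet arrives on
    egress: str   # interface the packet is forwarded out of
    proto: str
    dport: int

def matches(rule, iface, direction, pkt):
    return (rule.direction == direction and rule.interface in ("*", iface)
            and rule.proto == pkt.proto and rule.dport == pkt.dport)

def verdict(rules, pkt):
    """Evaluate inbound on the ingress interface, then outbound on the egress one.
    Every rule is treated as quick (first match wins); no match means pass."""
    for iface, direction in ((pkt.ingress, "in"), (pkt.egress, "out")):
        hit = next((r for r in rules if matches(r, iface, direction, pkt)), None)
        if hit is not None and hit.action == "reject":
            return "reject"
    return "pass"

# Constructed rule sets: the WAN interface rule from the first post, and a
# floating rule with direction "out" (applied to WAN only here, an assumption).
WAN_INTERFACE_RULE = [Rule("reject", "in", "WAN", "tcp", 25)]
FLOATING_OUT_RULE = [Rule("reject", "out", "WAN", "tcp", 25)]
# Constructed sample flows, all TCP to destination port 25.
FLOWS = {
    "internet->lan": Packet("WAN", "LAN", "tcp", 25),
    "lan->internet": Packet("LAN", "WAN", "tcp", 25),
    "lan->opt1": Packet("LAN", "OPT1", "tcp", 25),
}

def compare():  # flow -> (verdict with WAN interface rule, verdict with floating out rule)
    return {name: (verdict(WAN_INTERFACE_RULE, p), verdict(FLOATING_OUT_RULE, p))
            for name, p in FLOWS.items()}

if __name__ == "__main__":
    print(compare())
```

In each result pair, the first value is the verdict under the WAN interface rule and the second is the verdict under the direction-out rule.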