How to properly configure a rule for RPC?

Started by Guybrush, November 04, 2021, 10:41:08 PM

Greetings,

I am currently testing out how to enable RPC through OPNsense (current). The standard ports are no big deal, but how do I handle the dynamic high-range ports? I do not want to (meaning I cannot) restrict RPC ports on the destination Windows machines for several reasons. I usually work with Barracuda firewalls; they have an RPC helper, which works fine. I wonder if there is something similar available with OPNsense? If so, can anybody point me to a how-to/docs/something to accomplish that?

Huge thanks in advance
Guybrush

I believe that would require a helper capable of inspection and control at OSI Layer 5 (Session Layer) at a minimum and for that information to be maintained in some sort of session state table (or THE session state table).

Usually this would require hardware inspection, i.e. ASICs, to not adversely affect performance. That being said, clearly some software firewalls over the years have been able to do this (think M$). IIRC, with the demise of TMG, I think Barracuda and some others picked up this feature.

I'm not aware of anything in the OPNsense space that would fit the bill.

Maybe some Layer 7 plugin...? Are there any?