Stuck configuring a Firewall Allowing only Nessus (TCP 8834)

Started by js_opdebeeck, November 10, 2021, 09:45:52 PM

Hello blue and red teams,

I'm new to OPNsense and I'm stuck trying to configure a rule that allows only the destination port for Nessus (TCP 8834). As with many protocols, the source port is not fixed to a specific value, so I need to put ANY.

My actions:
Protocol: TCP
Src_Port: Any
Dst_Port: Other (8834)



Unfortunately, when I save, OPN makes a rule with Src_Port ANY, Dst_Port ANY... not good at all. So, everything is open :-(



If I edit the rule, I have a DST_Port = ANY

I also tested with "Alias" Port, but it fails too.

Can you give me some advice? Did I miss something?


Js


You need "from: other", "to: other" in the destination port section and put 8834 in both fields. The "from" is not indicating that this means the source. There are separate source and destination port sections in that web form.

And both take a port range if desired. So for a single port you need "from: X", "to: X" with X the same for both fields.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
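A way to catch the symptom described in this thread, as an added example that is not part of the original posts: the script scans an exported configuration for TCP/UDP pass rules saved without a destination port. The `<filter><rule>` layout with a `<destination><port>` element is an assumption about the OPNsense config.xml export, and the sample rules and the name `open_port_rules` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample. The element layout is an assumption about the
# <filter><rule> section of an exported OPNsense config.xml.
SAMPLE = """<opnsense><filter>
  <rule>
    <type>pass</type><interface>wan</interface><protocol>tcp</protocol>
    <descr>Nessus, port fields left on any</descr>
    <source><any>1</any></source>
    <destination><any>1</any></destination>
  </rule>
  <rule>
    <type>pass</type><interface>wan</interface><protocol>tcp</protocol>
    <descr>Nessus, from 8834 to 8834</descr>
    <source><any>1</any></source>
    <destination><any>1</any><port>8834</port></destination>
  </rule>
  <rule>
    <type>block</type><interface>wan</interface><protocol>tcp</protocol>
    <descr>block rule, ignored</descr>
    <source><any>1</any></source>
    <destination><any>1</any></destination>
  </rule>
</filter></opnsense>"""


def open_port_rules(config_xml):
    """Return descriptions of TCP/UDP pass rules with no destination port."""
    findings = []
    root = ET.fromstring(config_xml)
    for rule in root.findall("./filter/rule"):
        # Only pass rules can open a port; block/reject rules are skipped.
        if (rule.findtext("type") or "").strip() != "pass":
            continue
        proto = (rule.findtext("protocol") or "any").strip().lower()
        if proto not in ("tcp", "udp", "tcp/udp"):
            continue  # port fields only apply to TCP and UDP
        # A missing or empty <port> means the rule matches any destination port.
        port = (rule.findtext("destination/port") or "").strip()
        if not port:
            findings.append(rule.findtext("descr") or "(no description)")
    return findings


if __name__ == "__main__":
    for descr in open_port_rules(SAMPLE):
        print("destination port is any:", descr)
```
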