Help and Support
Ask a question, report a problem, request a feature...
<<  Back To Forum

Is there a way to block outgoing connections to some ports?

by Guest on 2019/02/04 06:14:43 PM    
I try to prevent connections to certain ports as that will trigger an IPS I have no control over.
The blocklist documentation states ports are ignored so I cannot just do something like: 0.0.0.0/0:123

Is that a feature I cannot find or is it not supported?
by Guest on 2019/02/06 02:28:26 AM    
I try to prevent connections to certain ports as that will trigger an IPS I have no control over.
The blocklist documentation states ports are ignored so I cannot just do something like: 0.0.0.0/0:123

Is that a feature I cannot find or is it not supported?

Hello

if you need to block a port, this is a work for a firewall
by Guest on 2019/02/08 09:49:41 PM    
Yeah, that's the problem. I use a SOCKS proxy so I have no control over the firewall in that case. The Intrusion Detection on the proxy will drop my connection when it sees outgoing traffic to certain ports. Otherwise I wouldn't have had the need to ask.
I know, weird setup...
by BRMateus2 on 2019/02/11 07:39:55 PM    
You might want to set a global destination port deny, like this in MikroTik.
ip firewall filter chain=forward action=drop dst-interface=wan1 dst-ports=0-137,139,140,141 ...

In advanced firewall settings at Windows or iptables. Just remember to block by application.
by Guest on 2019/02/13 05:37:23 PM    
Thanks for the reply but yeah, that would work if there was no socks proxy. The only connection any firewall would see is
Tixati@localip:localport -> socksserver:1080
The firewall can't block what it can't see. I wonder if there is a local packet inspector that could unwrap the socks stream and drop it before it hits the proxy.




This web site is powered by Super Simple Server