by Guest on 2019/02/09 02:49:41 AM
Yeah, that's the problem. I use a SOCKS proxy so I have no control over the firewall in that case. The Intrusion Detection on the proxy will drop my connection when it sees outgoing traffic to certain ports. Otherwise I wouldn't have had the need to ask.
I know, weird setup...
You might want to set a global destination port deny, like this in MikroTik.
ip firewall filter chain=forward action=drop dst-interface=wan1 dst-ports=0-137,139,140,141 ...
In advanced firewall settings at Windows or iptables. Just remember to block by application.
by Guest on 2019/02/13 10:37:23 PM
Thanks for the reply but yeah, that would work if there was no socks proxy. The only connection any firewall would see is
Tixati@localip:localport -> socksserver:1080
The firewall can't block what it can't see. I wonder if there is a local packet inspector that could unwrap the socks stream and drop it before it hits the proxy.