Help and Support
Ask a question, report a problem, request a feature...
<<  Back To Forum

Is there a way to block outgoing connections to some ports?

by Guest on 2019/02/04 11:14:43 PM    
I try to prevent connections to certain ports as that will trigger an IPS I have no control over.
The blocklist documentation states ports are ignored so I cannot just do something like: 0.0.0.0/0:123

Is that a feature I cannot find or is it not supported?
by Guest on 2019/02/06 07:28:26 AM    
I try to prevent connections to certain ports as that will trigger an IPS I have no control over.
The blocklist documentation states ports are ignored so I cannot just do something like: 0.0.0.0/0:123

Is that a feature I cannot find or is it not supported?

Hello

if you need to block a port, this is a work for a firewall
by Guest on 2019/02/09 02:49:41 AM    
Yeah, that's the problem. I use a SOCKS proxy so I have no control over the firewall in that case. The Intrusion Detection on the proxy will drop my connection when it sees outgoing traffic to certain ports. Otherwise I wouldn't have had the need to ask.
I know, weird setup...
by BRMateus2 on 2019/02/12 12:39:55 AM    
You might want to set a global destination port deny, like this in MikroTik.
ip firewall filter chain=forward action=drop dst-interface=wan1 dst-ports=0-137,139,140,141 ...

In advanced firewall settings at Windows or iptables. Just remember to block by application.
by Guest on 2019/02/13 10:37:23 PM    
Thanks for the reply but yeah, that would work if there was no socks proxy. The only connection any firewall would see is
Tixati@localip:localport -> socksserver:1080
The firewall can't block what it can't see. I wonder if there is a local packet inspector that could unwrap the socks stream and drop it before it hits the proxy.




© 2019 Tixati Software Inc.