First of all, I believe I understand how the firewall’s rules system is supposed to work: lower-priority rules on the bottom, higher-priority rules on top. Still, I can’t manage to get my rulesets to work.
- I create a rule to block all incoming traffic.
- I create rules to allow incoming traffic to wanted ports (i.e. 80, 20, 21, 110, etc.).
- I move the block rule to the bottom of the priority list.
- All incoming traffic is still blocked, even on the “top” priority allowed ports.
Am I missing something?
Also, I would like to know if I could block all incoming traffic except for certain applications. For example, if I have Apache listening on port 80, would the firewall prioritize this and allow incoming traffic even though I had set a “block all incoming traffic” rule in the global rules? That would save a lot of work writing out ports.
At the moment I have specified every blocked port manually in port sets. But this gives another problem: for example, passive FTP uses a port that changes, and I would need to open up a range of ports for this application.
Also, I have separate LAN/WAN IPs; after blocking all incoming ports, the LAN file sharing etc. is not working, even though I’ve specified both IPs and MACs that would be allowed ALL IN/OUT. Again, this rule is prioritized higher than the “block incoming” rule.
Any tips would be welcome.
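As an added illustration (not part of the original post or of any particular firewall product), the following Python models the first-match, top-to-bottom evaluation the post describes and lints a ruleset for rules that can never fire because a broader rule sits above them. The LAN range and the passive FTP data-port range are assumed values.

```python
from ipaddress import ip_address, ip_network

# A rule is (action, port_ranges, source_network): port_ranges is a list of (low, high)
# tuples or None for any destination port; source_network is a CIDR string or None for any.
# Evaluation is first match from the top: the first rule that matches decides, and
# nothing below it is consulted. That is what "higher priority on top" means in practice.

def matches(rule, dst_port, src_ip):
    _, ports, src = rule
    if ports is not None and not any(lo <= dst_port <= hi for lo, hi in ports):
        return False
    if src is not None and ip_address(src_ip) not in ip_network(src):
        return False
    return True

def evaluate(rules, dst_port, src_ip, default="allow"):
    """Return the action of the first matching rule, or the default when none matches."""
    for rule in rules:
        if matches(rule, dst_port, src_ip):
            return rule[0]
    return default

def covers(outer, inner):
    """True if every packet that matches `inner` also matches `outer`."""
    _, o_ports, o_src = outer
    _, i_ports, i_src = inner
    ports_ok = o_ports is None or (i_ports is not None and all(
        any(olo <= lo and hi <= ohi for olo, ohi in o_ports) for lo, hi in i_ports))
    src_ok = o_src is None or (i_src is not None
                               and ip_network(i_src).subnet_of(ip_network(o_src)))
    return ports_ok and src_ok

def shadowed(rules):
    """Indices of rules that can never fire: an earlier rule matches everything they match."""
    return [i for i, r in enumerate(rules) if any(covers(rules[j], r) for j in range(i))]

# Constructed ruleset in the order the post aims for. LAN and the passive FTP data range
# are assumed; the FTP range has to match whatever the FTP server is configured to use.
LAN = "192.168.1.0/24"
RULES_OK = [
    ("allow", None, LAN),                               # LAN hosts: everything in
    ("allow", [(80, 80), (20, 21), (110, 110)], None),  # wanted services from anywhere
    ("allow", [(50000, 51000)], None),                  # passive FTP data ports (assumed)
    ("block", None, None),                              # block all remaining inbound traffic
]
# Same rules with the block-all rule on top: it matches first, so nothing below can allow.
RULES_BROKEN = [RULES_OK[-1]] + RULES_OK[:-1]
```

Running `shadowed(RULES_BROKEN)` reports every rule below the block-all as unreachable, which is the symptom in the post; `shadowed(RULES_OK)` reports none.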