Newbie - just trying to block one port

I have a machine set up and am able to access it thru port 8000 from within my network. I want to be able to access it from my Windows Mobile phone not using WIFI but the data connection thru the internet. I know I can just set up port forwarding and that works, but I had a problem of someone hammering port 8000 and causing my CPU to spike up. What I figured I could do is to go ahead and forward the port but use CF to block all access to that port except the IP of my phone. What would be the easiest way to set this?
I really don’t think I need anything else blocked since that is the only port my router is letting thru.

Thanks for any help you can give!!!

G’day,

The trick here is to use an excluded BLOCK rule.

With CFP open, click FIREWALL → ADVANCED → NETWORK SECURITY POLICY → GLOBAL RULES → ADD

Set up a rule with the following parameters

Action : BLOCK
Protocol : TCP
Direction : IN
Description : WHATEVER
Source Address : SINGLE IP (the address of your phone) (Once this is entered click the EXCLUDE button)
Destination address: ANY
Source Port : ANY
Destination Port : 8000

This rule will block all inbound requests to that PC on port 8000 except for requests from the nominated IP address.

Hope this helps,
Ewen :)
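The excluded BLOCK rule from the reply above, modelled as a small Python rule matcher to show which packets it blocks and which it lets through. This is an added example, not part of the original posts and not Comodo's code; first-match-wins evaluation, the default-allow fallback, the CIDR range variant (which goes beyond the single-IP rule in the reply) and the RFC 5737 documentation addresses are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    action: str           # "BLOCK" or "ALLOW"
    protocol: str         # "TCP", "UDP" or "ANY"
    direction: str        # "IN" or "OUT"
    source: str           # single IP, CIDR range, or "ANY"
    exclude_source: bool  # True = rule applies to every source EXCEPT `source`
    dest_port: object     # int or "ANY"

    def matches(self, pkt):
        if self.direction != pkt["direction"]:
            return False
        if self.protocol not in ("ANY", pkt["protocol"]):
            return False
        if self.dest_port not in ("ANY", pkt["dest_port"]):
            return False
        if self.source == "ANY":
            return True
        in_source = ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.source)
        # EXCLUDE inverts the address test: the rule hits everyone but `source`.
        return in_source != self.exclude_source

def evaluate(rules, pkt, default="ALLOW"):
    """First matching rule decides; unmatched traffic gets `default` (assumption)."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default

def packet(src, dest_port, protocol="TCP", direction="IN"):
    return {"src": src, "dest_port": dest_port, "protocol": protocol, "direction": direction}

PHONE = "203.0.113.7"  # constructed address, stands in for the phone's IP
single = [Rule("BLOCK", "TCP", "IN", PHONE, True, 8000)]
ranged = [Rule("BLOCK", "TCP", "IN", "203.0.113.0/24", True, 8000)]  # hypothetical carrier range

def demo():
    return {
        "phone": evaluate(single, packet(PHONE, 8000)),
        "stranger": evaluate(single, packet("198.51.100.20", 8000)),
        "phone_new_ip": evaluate(single, packet("203.0.113.99", 8000)),
        "phone_new_ip_ranged": evaluate(ranged, packet("203.0.113.99", 8000)),
        "other_host_in_range": evaluate(ranged, packet("203.0.113.200", 8000)),
        "udp_8000": evaluate(single, packet("198.51.100.20", 8000, protocol="UDP")),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:22} {verdict}")
```

The last two cases show the trade-offs: a range exclusion admits every other host in that range, and a TCP-only rule does not touch UDP traffic to the same port.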

That worked great, thanks!!! The only problem I am running into is when the IP changes on my phone…which it did today 88)
I tried using its MAC but I don’t think a MAC is transmitted thru the internet, I might be able to use an IP range but it looks like Sprint uses a pretty wide range of IPs.

Any ideas on what else I can try??

If Sprint are hopping the IP that much, then using the IP address is out. The MAC address thing should have worked though, as it is transmitted in each packet. Have another ■■■■■ at it and let us know.

Ewen :)