Source - Destination confusion

Hi,

A seemingly silly question, but not trivial:

The manual states

  • Source Address : States the source address of the connection attempt
  • Destination Address : States the address of the connection attempt

So, if I write a rule for Direction OUT then the Destination Address is the IP address far out there in the www, but if I write a rule for IN, the Destination Address is the IP address of my own PC?

Or is the Destination Address always the remote address, no matter what the data direction is?

P

This is correct. Who and what the Destination IP is differs depending on the direction of the traffic flow. Typically for outbound traffic the Destination IP would be somewhere on the WWW (i.e. remote) and for inbound traffic the Destination IP is typically your PC’s WWW address (i.e. local). The same is true for Port numbers. This is often why bi-directional rules do not function as anticipated in CIS.
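A simplified model of the direction-dependent matching described in the answer above, added here as an illustration; it is not code from the thread or from CIS. The `Rule` and `Attempt` classes, the `coverage` helper and both addresses are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LOCAL_PC = "192.0.2.10"    # constructed: address of the protected PC
REMOTE = "203.0.113.5"     # constructed: address of a remote host

@dataclass(frozen=True)
class Attempt:
    """One connection attempt, with direction seen from the local PC."""
    direction: str   # "IN" or "OUT"
    src: str
    dst: str

@dataclass(frozen=True)
class Rule:
    """Hypothetical rule: a direction plus source/destination networks."""
    direction: str            # "IN", "OUT" or "IN/OUT"
    src: str = "0.0.0.0/0"    # default matches any address
    dst: str = "0.0.0.0/0"

    def matches(self, a: Attempt) -> bool:
        # The direction must agree unless the rule covers both directions.
        if self.direction != "IN/OUT" and self.direction != a.direction:
            return False
        # Addresses are compared as they appear in the attempt itself:
        # the rule has no separate notion of "local" and "remote".
        return (ip_address(a.src) in ip_network(self.src)
                and ip_address(a.dst) in ip_network(self.dst))

def outbound(remote: str) -> Attempt:
    return Attempt("OUT", src=LOCAL_PC, dst=remote)

def inbound(remote: str) -> Attempt:
    return Attempt("IN", src=remote, dst=LOCAL_PC)

def coverage(rules) -> dict:
    """Which directions of traffic with REMOTE does the rule set match?"""
    attempts = (outbound(REMOTE), inbound(REMOTE))
    return {a.direction: any(r.matches(a) for r in rules) for a in attempts}

# One bi-directional rule with the remote host as Destination Address:
# only the outbound attempt matches, because inbound attempts carry the
# remote host in the source field and the local PC as destination.
single = [Rule("IN/OUT", dst=REMOTE)]

# Two direction-specific rules name the remote host in the right field.
pair = [Rule("OUT", dst=REMOTE), Rule("IN", src=REMOTE)]

if __name__ == "__main__":
    print("single IN/OUT rule:", coverage(single))
    print("OUT + IN rule pair:", coverage(pair))
```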

Some software might request outbound connexions to localhost…

Thanks!