  1. #1
    Newbie
    Join Date
    Jun 2016
    Posts
    2

    Firewall rules question about whitelisting

    I have instructions:

    The suggested method is to whitelist TCP connections to port 80, 443, and 10051 to *.brinkpos.net, port 443 to sqs.us-*.amazonaws.com, queue.*.amazonaws.com, and port 443 to the IP addresses in the table.

    I can see how you could whitelist an IP address, but the rest of this confuses me when I look at the rule structure.
    What does this mean as far as firewall rules and what form would the rules have? Anyone have any suggestions or knowledge that can help? I tried looking at the rules and I am not getting it. Would this involve the webfilter and not the firewall?

    Thanks

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,288

    The Untangle firewall module is a sane firewall and as such will not accept DNS names. Firewalls that accept DNS names may as well not exist because it's trivial to poison the DNS cache and open a hole to anywhere.

    So if you want to do this, you're going to have to resolve ALL of the names in question, and input a monstrous list of ever-changing IP addresses.

    Which is why we all abandoned the whitelist / blacklist approach ages ago. Untangle is a UTM, the firewall is handy but often useless.

    Untangle doesn't control egress traffic by default for this reason too... so I guess my question is, what isn't working?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
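
The maintenance burden described in the reply above can be sketched as follows. This is an added example, not part of either post and not Untangle code: it expands resolved hostnames into per-IP, per-port allow rules and diffs two resolution runs to show which rules have gone stale. The name patterns and ports come from the quoted instructions; `host1.brinkpos.net` is a hypothetical hostname and every IP address is constructed sample data.

```python
import fnmatch
import socket

# Name patterns and ports taken from the instructions quoted in the first post.
TARGETS = {
    "*.brinkpos.net": (80, 443, 10051),
    "sqs.us-*.amazonaws.com": (443,),
    "queue.*.amazonaws.com": (443,),
}

def resolve_live(name):
    """Current IPv4 addresses for one concrete hostname (needs network access)."""
    return {ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)}

def build_rules(snapshot):
    """Turn {hostname: {ip, ...}} into a set of (ip, port) allow rules.

    A wildcard pattern cannot be resolved, so only concrete hostnames that
    match a pattern produce rules; names matching no pattern are returned."""
    rules, unmatched = set(), []
    for host, ips in snapshot.items():
        ports = [p for pat, pl in TARGETS.items()
                 if fnmatch.fnmatch(host, pat) for p in pl]
        if not ports:
            unmatched.append(host)
        rules |= {(ip, port) for ip in ips for port in ports}
    return rules, unmatched

def diff_rules(old, new):
    """Rules to add and rules gone stale between two resolution runs."""
    return sorted(new - old), sorted(old - new)

# Constructed sample data: documentation-range IPs, hypothetical brinkpos host.
MONDAY = {
    "host1.brinkpos.net": {"192.0.2.10"},
    "sqs.us-east-1.amazonaws.com": {"198.51.100.5", "198.51.100.6"},
}
FRIDAY = {
    "host1.brinkpos.net": {"192.0.2.10"},
    "sqs.us-east-1.amazonaws.com": {"198.51.100.6", "203.0.113.77"},
}

if __name__ == "__main__":
    old, _ = build_rules(MONDAY)
    new, _ = build_rules(FRIDAY)
    add, stale = diff_rules(old, new)
    print("add:", add)       # addresses the name now points to
    print("remove:", stale)  # addresses the name no longer points to
```

Every run of `diff_rules` that returns a non-empty result is a manual firewall change; a stale entry left in place keeps a port open to an address the vendor no longer uses.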
