
Firewall traffic rules: Difference between revisions

no edit summary
No edit summary
No edit summary
Line 3: Line 3:


==Introduction==
==Introduction==
This article contains instructions on how to configure firewall traffic rules to filter network traffic. Firewalls are a critical component of network security, and they act as a barrier between your network and the internet. By configuring traffic rules, you can gain granular control over what traffic should be allowed, blocked, or rejected. This can help to enhance network security by preventing unauthorized access and reducing the risk of malicious attacks. By following the instructions in this article, you can learn how to configure firewall traffic rules to enhance network security.
This article contains instructions on how to configure firewall traffic rules to filter network traffic. Firewalls are a critical component of network security, and they act as a barrier between your network and the internet. By configuring traffic rules, you can gain granular control over what traffic should be allowed, blocked, or rejected. This can help to enhance network security by preventing unauthorized access and reducing the risk of malicious attacks. By following the instructions in this article, you can learn how to configure firewall traffic rules to enhance network security.


Line 17: Line 16:




===Configuration specifics of Traffic Rules===
===Traffic Rules configuration specifics===
----


====Traffic Rules evaluation====
====Traffic Rules evaluation====
 
----
Traffic rule settings can be found by navigating to '''Network -> Firewall -> Traffic rules''' via WebUI. The new rules are created in the '''‘Add new instance’''' section of the settings page.
Traffic rule settings can be found by navigating to '''Network -> Firewall -> Traffic rules''' via WebUI. The new rules are created in the '''‘Add new instance’''' section of the settings page.


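Review bot: Renaming the level-3 heading from "Configuration specifics of Traffic Rules" to "Traffic Rules configuration specifics" changes the section anchor MediaWiki generates from the heading text, so any existing link to the old section name will no longer jump to this section. Check inbound links to the old anchor before saving, or keep the old name reachable with an explicit anchor next to the new heading.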
Line 30: Line 30:


====Defining specific IP addresses and networks====
====Defining specific IP addresses and networks====
 
----
It is possible to define both specific IP addresses to block hosts, as well as networks to block whole networks of devices. Examples are:
It is possible to define both specific IP addresses to block hosts, as well as networks to block whole networks of devices. Examples are:


Line 39: Line 39:


====Defining single ports and range of ports====
====Defining single ports and range of ports====
 
----
It is also possible to define single ports, as well as a range of ports. To apply the rule for two ports, 22 and 443:
It is also possible to define single ports, as well as a range of ports. To apply the rule for two ports, 22 and 443:


Line 50: Line 50:


====Resolving hostnames to IP addresses====
====Resolving hostnames to IP addresses====
 
----
A command '''‘nslookup <hostname>’''' can be used on both, Windows and Linux machines to resolve a hostname to the IP address. For example, the following command resolves ''''www.wikipedia.org'''' to it's IP address:
A command '''‘nslookup <hostname>’''' can be used on both, Windows and Linux machines to resolve a hostname to the IP address. For example, the following command resolves ''''www.wikipedia.org'''' to it's IP address:
<pre>
<pre>
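Review bot: In the paragraph under "Resolving hostnames to IP addresses", "to it's IP address" should be "to its IP address", and the comma in "on both, Windows and Linux machines" should go; both are carried over unchanged in this revision. The paragraph also presents a single lookup as giving "the IP address", yet a hostname can resolve to several addresses and the answer can change over time, so a sentence telling the reader to re-check a rule built from a lookup result would make the instruction safer to follow.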
Line 58: Line 58:


====Default ports for specific services====
====Default ports for specific services====
 
----
In the realm of networking, many services are assigned a default port number for communication. These are well-known, reserved TCP/IP ports, which range from 0 to 1023 and are used by specific services, and therre are other well-known ports outside of this range. For instance, the MQTT protocol uses port number 1883 as its default port. When configuring Teltonika devices to use MQTT, the rule to allow traffic on this port is automatically created. However, in case you face an issue with MQTT traffic being dropped, you should check the traffic rules to ensure that the rule which allows traffic on port 1883 exists and is enabled.  
In the realm of networking, many services are assigned a default port number for communication. These are well-known, reserved TCP/IP ports, which range from 0 to 1023 and are used by specific services, and therre are other well-known ports outside of this range. For instance, the MQTT protocol uses port number 1883 as its default port. When configuring Teltonika devices to use MQTT, the rule to allow traffic on this port is automatically created. However, in case you face an issue with MQTT traffic being dropped, you should check the traffic rules to ensure that the rule which allows traffic on port 1883 exists and is enabled.
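Review bot: In the paragraph under "Default ports for specific services", "therre" is a typo for "there" and survives on both sides of the diff, so it should be fixed while the section is being touched. The same sentence defines the reserved range as 0 to 1023 and then illustrates it with MQTT on 1883, which lies outside that range; splitting it into one sentence for the reserved range and one for well-known ports above it would read more clearly. The troubleshooting advice says to confirm that the rule allowing port 1883 "exists and is enabled" but not which source the rule should cover; a short note on limiting it to the hosts that need MQTT would be a useful addition.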