
Firewall traffic rules: Difference between revisions

no edit summary
Line 52: Line 52:
====Resolving hostnames to IP addresses====
====Resolving hostnames to IP addresses====
----
----
A command '''‘nslookup <hostname>’''' can be used on both, Windows and Linux machines to resolve a hostname to the IP address. For example, the following command resolves ''''www.wikipedia.org'''' to it's IP address:
A command '''‘nslookup <hostname>’''' can be utilized on both Windows and Linux machines to resolve a hostname to its corresponding IP address. This command can be particularly helpful when configuring network traffic rules because these rules require the use of IP addresses instead of hostnames. For instance, the following command can be used to resolve hostname ''''www.wikipedia.org'''' to its IP address:
<pre>
<pre>
nslookup www.wikipedia.org
nslookup www.wikipedia.org
</pre>
</pre>
These IP addresses can be used as the destination IP in the traffic rule. This command works on RutOS as well, as RutOS is based on OpenWRT, a Linux distribution.
It is worth noting that this command also functions on RutOS, as RutOS is based on OpenWRT, a Linux distribution.


====Default ports for specific services====
====Default ports for specific services====
----
----
In the realm of networking, many services are assigned a default port number for communication. These are well-known, reserved TCP/IP ports, which range from 0 to 1023 and are used by specific services. There are also other well-known ports outside of this range. For instance, the MQTT protocol uses port number 1883 as its default port. When configuring Teltonika devices to use MQTT, the rule to allow traffic on this port is automatically created. However, in case you face an issue with MQTT traffic being dropped, you should check the traffic rules to ensure that the rule which allows traffic on port 1883 exists and is enabled.  
In the realm of networking, many services are assigned a default port number for communication. These default ports are typically well-known, reserved TCP/IP ports that range from 0 to 1023 and are specific to particular services. In addition to these ports, there are other well-known ports that fall outside of this range.
 
For example, the MQTT (Message Queuing Telemetry Transport) protocol, which is commonly used in Internet of Things (IoT) applications, uses port number 1883 as its default port. When configuring Teltonika devices to utilize the MQTT protocol, a rule is automatically created to permit traffic on port 1883.
 
However, if you encounter an issue with MQTT traffic being dropped, it is advisable to verify that the traffic rules are correctly configured to allow traffic on port 1883. You should confirm that the rule which permits traffic on this port exists and is enabled.
 
Furthermore, it is important to note that these default ports are not set in stone and can be changed. This can be necessary for security reasons, as attackers may target commonly used ports to exploit vulnerabilities in certain services. Therefore, it is crucial to periodically review and update the ports used by your organization's services to prevent security breaches.


==Traffic rules configuration examples==
==Traffic rules configuration examples==
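
Review bot: The closing paragraph added to "Default ports for specific services" overstates the benefit of changing default ports when it calls this "crucial" to "prevent security breaches". A service moved off port 1883 is still reachable and has the same vulnerabilities, so the change mostly reduces noise from scans of commonly used ports. Suggest describing a port change as a supplementary measure and pointing the reader back to what this page configures: traffic rules that limit which addresses may reach the port. The paragraph should also say whether the automatically created rule for port 1883 follows a changed port or has to be edited by hand, since the preceding paragraph tells the reader that a missing or disabled rule is why MQTT traffic gets dropped. In the hostname section, the new text says rules require IP addresses but no longer states that the resolved addresses go into the destination IP field. Consider restoring that sentence, and noting that the addresses returned by nslookup can change over time, so a rule built from them needs to be rechecked.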