[TriLUG] OT - limiting access to destination ports

Ben Pitzer bpitzer at gmail.com
Thu Apr 24 11:12:19 EDT 2008


I believe that the ZoneAlarm FW for Windows could do this, actually, though
I realize it's not a Linux solution.

-Ben Pitzer


On Wed, Apr 23, 2008 at 4:22 PM, Christopher L Merrill <
chris at webperformance.com> wrote:

> I want to block the Flash player in IE (on XP) from connecting to anything
> other than ports 80 and 443 on the destination servers.  Note this is for
> testing some specific stuff - the goal is to force flash to use these ports
> instead of other ports for streaming video.  I haven't found a way for
> Windows Firewall to do this. I've tried TCP/IP port-filtering - but haven't
> found the magic combination that blocks the videos but allows the browser
> to operate.
>
> At my disposal, we have a BSD firewall in the office that all our machines
> are sitting behind.  In addition, I have a Linux machine that is configured
> with Apache and mod_proxy.  At home, I'm behind a Linsys WRT54 (stock
> firmware).
>
> Note that this need only be a temporary solution - something I can turn
> on for a few minutes for testing and then turn off - so preventing
> _anything_ on our network from connection to anything besides ports
> 80 and 443 would be acceptable as long as the browser is still functional
> (I guess that implies DNS queries would need to get through as well?)
> I think I can determine which destination IPs I want to block, so
> a solution that is limited to a few IPs would work, too.  If the solution
> was only functional for a specific source IP address, that would work, too.
>
> Any suggestions how I might accomplish my goal (in 2 hours or less)?
>
>
>
>
> --
> ------------------------------------------------------------------------ -
> Chris Merrill                           |  Web Performance, Inc.
> chris at webperformance.com                |  http://webperformance.com
> 919-433-1762                            |  919-845-7601
>
> Website Load Testing and Stress Testing Software & Services
> ------------------------------------------------------------------------ -
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>



More information about the TriLUG mailing list