Welcome, Guest. Please login or register.
Did you miss your activation email?
Wednesday 20 November 2024, 05:23:59 am

Login with username, password and session length

Visit the official Endian Community Mailinglist  HERE
14258 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Port forwareding
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Port forwareding  (Read 8888 times)
Tokas
Jr. Member
*
Offline Offline

Posts: 2


« on: Thursday 07 March 2013, 07:09:17 pm »

i have 2.3 version and dont understand something....i wanted to open one port so some program can access internet....i was looking at dnat to do that but i couldnt...i searched internet but couldnt get it done....so i set rule on 'outgoing traffic' and it worked....now can you tell me is that it?must i config something else?is my network safe?i didnt have any contact with hardware firewall so i musat ask these questins Cheesy 
Logged
karlhenselin
Jr. Member
*
Offline Offline

Posts: 5


« Reply #1 on: Wednesday 15 May 2013, 09:30:46 pm »

if you want to access something on the Internet, outgoing is the right one.
If you want to access something inside from outside, then you need DNAT.
Logged
Syntax42
Full Member
***
Offline Offline

Posts: 19


« Reply #2 on: Saturday 18 May 2013, 12:27:31 am »

To clarify, an outgoing firewall prevents connections from being established from inside your network to the outside.  This can be helpful in preventing malicious programs which use uncommon ports from sending information out, but can also prevent desired programs from connecting to the internet.  The most practical application of the outgoing firewall is reducing the use of unauthorized programs on a corporate network, but this may not be effective because many programs are using common internet ports and protocols to bypass firewall restrictions.

Unless you have a server running inside your network, you should not forward ports.  Doing so enables connections to be made from the outside directly to the computer the ports are forwarded to, at any time.  If that computer has a service listening on that port, and that service has a vulnerability or bug, an attacker could potentially exploit that service to do harm to that computer or your entire network.  Closing ports is considered an effective line of defense against attackers, which is why standard routers are suggested for use in every network, as a bare minimum.

If you opened a port on your outgoing firewall, that does not allow traffic to return to you on that port unless your computer established a connection with an outside computer first.  Then, only that IP address can send data to you on that port, which doesn't create a significant risk.  Typically, ports remain open for a short duration, and close after no communication is used on that port by your computer or the computer you are communicating with.  I'm not sure of the exact time, but it seems to be around a minute.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.08 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com