asked on

Firewall request application correct database format

I'm writing a Firewall Request application. Users can submit a request to modify or add an rule in the firewall. It asks for source ip(s), dest ip(s), source port(s), dest port(s), port(s), and protocol(s).

I'm curious about the best design and best practices for the database. Because there can be any number of source IP's going to any number of dest IP's, I have a link table called FirewallSourceAndDestIP that is below.

CREATE TABLE FirewallSourceAndDestIP
(
	ID int NOT NULL IDENTITY (1,1),
	FirewallRequestID int,
	SourceIP Nvarchar(16),
	SourceType Nvarchar(20),
	DestIP Nvarchar(16),
	DestType Nvarchar(20),
)

Open in new window

Making a row for every source to dest connection and it links back to the main FirewallRequest table. However, when it comes to ports, I'm confused at the best way to accomplish this same task. If I use a link table, it's possible I could have up to 65k+ rows per request if they want all ports (any/any) connection. Is this the best way to go about it, or am I missing an easier solution?

Mark Bullock

Can you add port to your table and leave it null to mean all ports?

RIP_Leroi

ASKER

I've considered that but there are also a lot of request that have 10k+ ports (lots of high UDP ranges for audio/video). Does this even matter? Am I over thinking it?

Mark Bullock

How would someone enter 10,000 port numbers? Maybe you save ranges.

ASKER CERTIFIED SOLUTION

Vitor Montalvão

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

RIP_Leroi

ASKER

This works perfectly.