Mr.X

asked on

Firewall rule: if I specify TCP, does it combine all TCP protocols or only web traffic?

Hi guys,
just a general firewall question.

I got a rule as an outgoing rule:

protocol is TCP - source IP any - source port any - dest IP any - dest port 443

Is this gonna make all TCP protocols use only port 443?
I mean, many protocols use TCP (http, ftp, telnet, ssh, imap, etc.); are they all gonna use only port 443 while going out?
Or is it going to route only web traffic, which uses http/https over port 443?
ASKER CERTIFIED SOLUTION
kevinhsieh

Mr.X

ASKER

If it’s not about other protocols, why should I specify TCP?
What will happen if I specify UDP in the same spot?
Then it would match UDP traffic that is destined for UDP port 443. There isn't much that I am aware of, unless that's part of the newer http spec.

ASKER

Sorry, just trying to understand.
When you say it would match TCP traffic or match UDP traffic, what does that mean?
Because I always thought if someone says match TCP traffic, it matches all protocols that come under TCP, and the same way for UDP: it matches its protocols.
It is like a search, where all parameters need to match. If you just match TCP, then it will match all TCP. You can further refine the match by including source and/or destination port qualifiers.
From what I understood of your question, the answer is no. This rule will only match traffic with a destination of 443. The other services highlighted (http, ftp, telnet...) are not matched. You need separate rules for them, so it will only route secure web traffic (https) which is destined to port 443. You need to add port 80 for http, and don’t forget 53 tcp/udp for dns.
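
The matching behaviour described in the answers above, as an added example (not code from the thread or from any firewall product): a rule is an AND over the fields it specifies, and an unspecified field means "any". The `Rule` and `Packet` classes, the allow-only rule lists with an assumed default deny, and the sample packets (documentation addresses) are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

FIELDS = ("proto", "src_ip", "src_port", "dst_ip", "dst_port")

@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass(frozen=True)
class Rule:             # hypothetical rule model; None means "any"
    proto: Optional[str] = None
    src_ip: Optional[str] = None
    src_port: Optional[int] = None
    dst_ip: Optional[str] = None
    dst_port: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        # Every field the rule specifies must equal the packet's value (AND).
        return all(getattr(self, f) in (None, getattr(pkt, f)) for f in FIELDS)

def evaluate(rules, pkt):
    # Assumption: rules are allow rules and unmatched traffic is denied.
    return "allow" if any(r.matches(pkt) for r in rules) else "deny"

# Constructed outbound samples; labels are for the reader, rules never see them.
SAMPLES = {
    "https tcp/443": Packet("tcp", "192.0.2.10", 50001, "198.51.100.5", 443),
    "http tcp/80":   Packet("tcp", "192.0.2.10", 50002, "198.51.100.5", 80),
    "ssh tcp/22":    Packet("tcp", "192.0.2.10", 50003, "198.51.100.6", 22),
    "udp/443":       Packet("udp", "192.0.2.10", 50004, "198.51.100.5", 443),
    "dns udp/53":    Packet("udp", "192.0.2.10", 50005, "198.51.100.7", 53),
}

def allowed(rules):
    return [name for name, pkt in SAMPLES.items() if evaluate(rules, pkt) == "allow"]

ASKER_RULE = [Rule(proto="tcp", dst_port=443)]      # the rule from the question
TCP_ANY    = [Rule(proto="tcp")]                    # protocol only, no port qualifier
UDP_443    = [Rule(proto="udp", dst_port=443)]      # "udp in the same spot"
WITH_WEB_DNS = ASKER_RULE + [Rule(proto="tcp", dst_port=80),
                             Rule(proto="tcp", dst_port=53),
                             Rule(proto="udp", dst_port=53)]

if __name__ == "__main__":
    for name, rules in [("tcp dport 443", ASKER_RULE), ("tcp any", TCP_ANY),
                        ("udp dport 443", UDP_443), ("443+80+53", WITH_WEB_DNS)]:
        print(f"{name:14} -> {allowed(rules)}")
```

The rule compares only the transport protocol and port numbers in the packet header; it does not inspect which application protocol is carried inside the connection.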