Firewall that can filter by source port?

Similar Messages

• Is there a firewall that can block an application?

  I'm looking for a firewall that can block applications.
  The firewalls for linux that I've found using google and also the one I'm using now can not block an application. There used to be an option for iptables (-m owner --cmd-owner programname), but since kernel 2.6.14 they've removed this option for iptables.

  eric, when you say u want to block applications, do you mean you want to block some of your applications getting out, or illicit use of ports for someone to get in ?
  if its the latter, it may be that the firewall rules regarding "accepted, related, established" cover this as when you make rules, whichever firewall application u use, you can drop any incoming connections that arent following the state matches in your ruleset.
  if you are concerned about ports being open to accept certain programs data, go to www.grc.com and use Shields Up to check. its a long while since i used any of this as i have a hardware firewall/router now, so apologies for lack of detail.
  iptables/netfilter help here

• Can I open a port range in the firewall for one host?

  Can I open a port range in the firewall for one host?  In other words, I want to be able to open ports 54001 to 54050 to allow one remote host in my LAN to access that port range in my Mac Server.  Is this possible?  Currently, the only option I see is to open individual ports for all external hosts (eg http or https)
  Thanks in advance!

  Which version of OS X Server are you using?
  Server 2.2 and earlier includes an interface to a software firewall that can be configured to open specific ports very easily. Descriptions of how to configure the firewall can be found in the documentation for these versions.
  Server 3.x no longer has an interface to the software firewall - it is still there, but you need to use other methods do configure it.  A popular example of such a method is the icefloor utility.
  Apple suggest that for Server 3 you delegate firewall duties to an external router.  Server 3 includes the ability to configure the firewall component of Apple Airport routers 'automatically'
  if you connect a machine running Server 3 directly to an Airport Router the router appears in the LH pane in the Server.app window (usually second line, below the entry for the server itself), and you can control what services are 'enabled' through the firewall there.
  a more common solution perhaps is to use a non-apple router, and configure the firewall (and so open specific ports) through whatever control interface is provided for that router.  There are many many kinds of hardware router you could use, and the control interfaces used vary widely - so you will have to consulting the documentation for your own router to work out how to do this.
  If you post information about your software versions, and hardware configuration, it is possible that you can get more specific help with the tasks involved in opening the ports.
  Hope this helps.

• About the Maximum of Source Ports to ONE Destination Port on ESW 520 24P

  Does the ESW 520 24P Support Mirroring 20 Ports Traffic to 1 Destination Port?

  Hi Andy
  No the ESW supports mirroring groups that can each mirror  8 ports to a destination port.
  This is great for normal problem determination purposes. I can guess at your application.
  regards dave

• HT3576 how can i verify that the network or firewall is not blocking access to port 5223.

  how can i verify that the network or firewall is not blocking access to port 5223?

  Talk to someone who knows something about networking and/or firewalls on an appropriate forum.
  Configuring your network and/or firewall is beyond the scope of this forum, which is devoted to issues using the iPhone.

• How do I NAT based on destination port while source port can be ANY

  Goal - I want to forward Internet bound HTTP and HTTPS traffic  to a Proxy via an IPSEC Tunnel - I want to maintain my private IP as it goes accross the IPSEC Tunnel - I also want remaining Internet Traffic to route Normally by NATing to my outside address.
  In 8.4 this is quite easy as I can specify a destination port and have "any" source port for the NAT
  Here is a snap shot of the config:
  object service Proxy_HTTP
  service tcp destination eq www
  object service Proxy_HTTPS
  service tcp destination eq https
  nat (inside,outside) source static any any service Proxy_HTTP Proxy_HTTP
  nat (inside,outside) source static any any service Proxy_HTTPS Proxy_HTTPS
  object network Non_Proxy
  nat (any,outside) dynamic interface
  PROBLEM: I need this behavior in 8.2.x  - I have found no way to mimic this.
  You cannot use NAT Exemption as it cannot be port based
  A static policy NAT with Access list will not work as you must specify a single source port - Since there is no way to predict the source port this wont work.
  I don't see any of the other NAT Types working this way.
  If there is a way to make this work in 8.2 please let me know - We have many ASAs and we are not ready to make the leap to 8.4 but we need to use the proxy.

  Karen-
  Results: Did not work. The web based shortcuts did not appear.
  Below is the steps taken with your tips incorporated. (Again it's lengthy sorry about that, but anyone can recreate what was done here. Maybe someone can see something left out by doing/reviewing it).
  Here is what was done:
  1. Installed a fresh install of Windows 8.1 enterprise on a pc. No updates were ran.
  2. During setup created the admin account.
  3. Logged into the account a simple start screen was arranged and setup by:
  Starting desktop Internet Explorer. Going to Technet's website. Clicked tools and then selecting "Add site to Apps" from the drop down menu. Went to Apps screen, right clicked and pinned it to start screen. Repeated this procedure with an
  educational web based site.
  Right clicked a few provisioned apps and unpinned them from the start screen.
  Made a few groups and labeled them. Web based shortcuts were arranged with one provisioned app in that particular group.
  4. Opened a Powershell, right clicked it and ran as administrator. Typed the following:
  export-startlayout -path C:\Users\Public\Master.xml -as xml
  (Master is the name chosen for this test .xml file and was put in a location all users would have privelages to access it).
  5. Opened the command prompt and right clicked and "ran as administrator", typed in gpedit.
  6. In the Local Group Policy under User Configuration, under Start Menu and Taskbar I choose the Start Screen Layout.
  7. Enabled the policy and typed in: C:\Users\Public\Master.xml for the Start Layout File.
  8. Opened computer management, under Local Users and Groups I chose Users, right clicked in the middle screen and created a new user called Alpha.
  9. Logged out of the inital account and logged into newly created Alpha account.
  10. When the Alpha account logged in the start screen came up with everything changed in the inital account but no web based shortcuts were found on the start screen or App view.

• Hierarchy monitoring detected that the ConfigMgr SQL Server ports 1433,4022, are not active on Firewall exception

  SMS_HIERARCHY_MANAGER reports (Message ID=3353):
  "Hierarchy Monitoring detected that the ConfigMgr SQL Server <fqdn> ports 1433,4022, are not active on Firewall
  exception."
  This is a fresh SCCM 2012 environment with no firewall active. SQL is installed on the same server as SCCM 2012.  Is there a way to fix this without enabling the firewall?

  Check this out
  Issue:
  ConfigMgr logs the error even though Windows Firewall is disabled or it is enabled and all exceptions are added to SQL Server(s).
  Environment: I had an environment  consist of a two node SQL Cluster hosting ConfigMgr database and a separate ConfigMgr primary site server
  Resolution:
  Windows firewall service must be started on both SQL nodes and ConfigMgr itself . As soon as the service is started exceptions for TCP 1433 and 4022 must be added to SQL nodes firewall.
  After that the firewall profiles can be disabled using:
  netsh advf set allp state off
  This is true but if you disable the firewall even thought you have opened the Firewall port then disabled the firewall. The status message will continue to be generated and your site server will still be in an error state.
  Notice that I said "disabled" and not "turn off".
  Garth Jones | My blogs: Enhansoft and
  Old Blog site | Twitter:
  @GarthMJ

• I need to set up an expense form so that our consultant can "filter" by customer type, program type, and finally the purpose of the trip. For instance: the customer types are churches, schools, organizations. The program type would be fund raising, gift p

  I need to set up an expense form so that our consultant can "filter" by customer type, program type, and finally the purpose of the trip. For instance: the customer types are churches, schools, organizations. The program type would be dependent on the customer type selection from the first list. Some examples would be: fund raising, gift planning, surveys, and others. The purpose of the trip would be dependent on the program type selected from the second list. Some examples of trip purposes would be: presentation, design, prospecting. Further, the purpose of trip selection from the third drop-down box would then have to determine the values of other fields by expense type: such as commission, airfare, hotel. etc. I've tried pop-up menu but can't figure out how to "select" from the final popup list and have it populate a field for the purpose of the trip. I've tried to look at the JavaScript examples for dependent drop-down boxes, but can't find any that quite fit what I'm trying to accomplish. I am very new to all of this. No training in writing Javascripts - just trying to wing it. The form has to be very simple for our consultants to use, but also give our office the detail we need to process through the correct account numbers. I would appreciate any detailed step-by-step instructions - kind of a javascript for dummies type of info. HELP!

  An AcroForm is the name given to the type of PDF form that you create in Acrobat. An XFA form is the type of form that you create in LiveCycle Designer. Although they are both PDF files, they are very different structurally and have significant;y different scripting models. So pay attention to the information on AcroForms and ignore anything about XFA. Be sure to get the sample PDF forms so you can look at how it works and where the scripts are placed.
  What you want to do will require scripting, and if you don't have the experience and are unable to use the information in the tutorials to create what you want, you might consider getting someone who has experience do this for you. I'll often suggest code if I can do so quickly, but what you want requires more than a few minutes.

• I have a macbook pro4.1 and the sound chip in it failed. My speakers and microphone no longer work. Does anyone know of an external speaker and microphone set that plugs into the USB port so I can continue to use both of these functions?

  I have a macbook pro4.1 and the sound chip in it failed. My speakers and microphone no longer work. Does anyone know of an external speaker and microphone set that plugs into the USB port so I can continue to use both of these functions and not have to pay to have the entire main board replaced. Preferably something under $100.

  I don't think you're likely to find a set of external speakers that come with a microphone and plug directly into a USB port. There are USB audio cards that look like tiny flash drives but have microphone and headphone ports in them, to which you can connect a typical two-plug Windows PC headset with a microphone, or else you can connect external speakers and a stand-alone microphone. Those adapters typically cost under $10. I don't know anything about the quality of sound that can be expected from them.
  I have a Griffin iMic, which is much the same idea but larger, a bit more expensive (retail~$40), and perhaps delivers somewhat better sound quality (I hope so, but I don't know because I've never had occasion to try one of the little ones).
  http://www.google.com/products/catalog?oe=UTF-8&hl=en&client=safari&q=usb+sound+ card&um=1&ie=UTF-8&tbm=shop&cid=9618463009759678039&sa=X&ei=tgQoT5zYOMfZ0QHkiICw Ag&ved=0CHcQ8gIwAQ
  http://compare.ebay.com/like/320779457703?var=lv&ltyp=AllFixedPriceItemTypes&var =sbar

• Is there a device I can purchase to enable wifi on my old iMac, like something that plugs into the ethernet port?

  Is there a device I can purchase to enable wifi on my old iMac, like something that plugs into the ethernet port?

  Yes! There are lots of wifi adapters that will work with OS 9 on old iMacs. You can find a comprehensive list of them here:
  http://lowendmac.com/macdan/md09/mac-os-9-wifi.html
  Belkin seems to make a lot of wireless products for OS 9, so that would probably be the name to keep in mind. You can see one of these here:
  http://cache-www.belkin.com/support/dl/belkin_wireless_usb_network_adapter_manua l_os9.pdf
  If you're using an iMac G3, I think those are compatible with AirPort cards, so that's an option too. Good luck!

• How I can change a power pivot without change the power charts that are suing that power pivot as source?

  Hi All
  My issues using an Example, 
  I've a power pivot with 3 related tables, (two dimension tables and one measure table), then I created a pivot chart using
  that 3 tables as source... 
  The pivot chart is a little complex... it takes some time to rebuild from the scratch... I have added 3 measures to the chart,
  M1, M2, M3... but due to a business changes I need to refresh the measures M1, M2, M3 with information from a different source...
  i.e. I need to drop the 3 measures from the Power Pivot, then I need to add them again with the same names, but when I drop
  them from the power pivot table  the pivot Chart Fields Values disappear and the chart obviously is refreshed without the 3 measures... :S
  Question: How can I drop a column from a power pivot table, then add it again with the same name without affect the Pivot
  Chart Fields... i.e. only when I do the refresh manually the charts are affected... but once the name of the columns are the same.. the charts don't change the layout....
  Thanks Very Much!!!
  Luis

  Luis,
  Any luck with this?
  Thanks!
  Ed Price, Power BI & SQL Server Customer Program Manager (Blog,
  Small Basic,
  Wiki Ninjas,
  Wiki)
  Answer an interesting question?
  Create a wiki article about it!

• HT3576 How do you, verify that the network or firewall is not blocking access to port 5223.

  How do you, verify that the network or firewall is not blocking access to port 5223.

  Maybe:
  http://answers.yahoo.com/question/index?qid=20110606132954AAZH4Tc
  http://forum1.netgear.com/showthread.php?t=48533

• HT201338 adaptor that accepts both VGA and ethernet cables at the same time that can be plugged into the Thunderbolt port

  I have my Apple cinema display connected to my MacBook Air via the Thunderbolt port, but I also want to connect an ethernet cable.
  Is there an adaptor that accepts both VGA and ethernet cables at the same time that can be plugged into the Thunderbolt port

  I have my Apple cinema display connected to my MacBook Air via the Thunderbolt port, but I also want to connect an ethernet cable.
  Is there an adaptor that accepts both VGA and ethernet cables at the same time that can be plugged into the Thunderbolt port

• A rugged switch that can support PoE+ on 4 ports

  We are mounting 4 Access points in a parking Lott. We have wired up a cat6 cable to each AP (not power). The cat6 cables are terminated in a weather resistant outdoor box.
  My question is: Does Cisco have at rouged switch that can support this setup?
  The plan was to use a IE2000. However the IE-2000-16PTC-G-L that we purchased, did not deliver enough power on each port (it can deliver PoE on 4 ports, but only PoE+ on 2) My fault that I did not read the PDF thoroughly enough :-( 
  So question is, does cisco have a rugged switch that can deliver PoE+ on 4 ports?

  I believe you'd have to move up to the IE3000 series with the 8-port module (Cisco IEM-3000-4PC-4TC=). That module will deliver POE+ on 4 of its 8 ports. Reference.

• ACE: Can I loadbalance based on client Source IP/and client tcp source port?

  We recently migrated serving a client from being thick client at the desktop to being served via a citrix farm.  Prior to the migration the clients came from about 5000 unique source IP's to their VIP, now they come from only 31 unique source IP's from the citrix servers in the farm. A citrix server can host 400 client sessions, since the default action of the ACE is to loadbalance based on source IP's, the ACE is sending up to 400 sessions from one citrix server to 1 real server in the farm.  Is there anyway I can loadbalance based on client source IP and tcp source port so the ACE views the 400 sessions from one citrix server as unique sessions?  The application does not require persistence.

  Hello,
  Yes, you can configure a "Sticky Layer 4 Payload" as descirbed on this Link:
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA2_3_0/command/reference/sticky.html#wp1039276
  Unfrotunately I do not have any working example. You must calculate the right values for the Offset and the Length to configure.
  Regards Jean-Marc