Digi TransPort firewall access to some sites

0 votes
Hello,

Please can you give me an example of a set of firewall rules?

My goal is to allow only a few HTTP and HTTPS sites, let's say www.microsoft.com and www.digi.com.

Thanks
asked Jan 26, 2016 in Digi TransPort Cellular by iadamovic New to the Community (5 points)

1 Answer

0 votes
Hi, you can use this:

[dnslist]
Used to match packets containing DNS names in a given dnslist. Following dnslist, there needs to be a name of a DNS list as specified by the #dns command.
For example, consider the following DNS list:
#dns gglist www.Digi.co.*,www.*.co.nz
The following firewall rule blocks all DNS lookups to DNS names matching the above list:
block out break end on ppp 1 proto udp dnslist gglist from any to any port=dns

This is the other way round.

You would allow the list and block all DNS lookups:

#dns gglist *.Digi.com,*.microsoft.com
pass out break end on ppp 1 proto udp dnslist gglist from any to any port=dns
block out break end on ppp 1 proto udp from any to any port=dns

If you are only after a very few sites, you could use:

pass out break end from any to www.digi.com port=http
block break end from any to any port=http

Hope this helps.

Regards,

James
answered Jan 26, 2016 by James.Wilson Veteran of the Digi Community (1,225 points)
I found out the solution.

Your answer is correct
...
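
A small Python model of the two DNS rules in the answer above, added here as an illustration and not taken from the thread or from Digi's documentation. It assumes shell-style, case-insensitive wildcard matching for the dnslist and that "break end" stops rule processing at the first matching rule; the function names and sample lookups are constructed.

```python
from fnmatch import fnmatchcase

# Allow list from the answer's "#dns gglist" line.
GGLIST = ["*.Digi.com", "*.microsoft.com"]


def in_dnslist(qname, patterns):
    """Assumed semantics: '*' wildcards, names compared case-insensitively."""
    name = qname.rstrip(".").lower()  # drop a trailing root dot, normalise case
    return any(fnmatchcase(name, p.strip().lower()) for p in patterns)


# The two DNS rules from the answer, in order. Both carry "break end",
# so (assumption) the first rule that matches decides the packet.
RULES = [
    ("pass", GGLIST),   # pass out break end ... dnslist gglist ... port=dns
    ("block", None),    # block out break end ... from any to any port=dns
]


def decide(qname, rules=RULES):
    """Return the action applied to an outbound UDP DNS query for qname."""
    for action, dnslist in rules:
        if dnslist is None or in_dnslist(qname, dnslist):
            return action
    return "no match"


# Constructed sample lookups, not captured traffic.
SAMPLES = [
    "www.digi.com",              # covered by *.Digi.com
    "WWW.Microsoft.COM",         # case differs from the list entry
    "login.microsoft.com",       # any subdomain is covered
    "digi.com",                  # bare domain: no label for '*.' to match
    "www.example.org",           # not on the list
    "www.digi.com.example.org",  # look-alike that only contains the name
]

if __name__ == "__main__":
    for q in SAMPLES:
        print(f"{q:28} {decide(q)}")
    # Rule order matters: with the block rule first, nothing resolves.
    print("reversed order:", decide("www.digi.com", list(reversed(RULES))))
```

Under these assumptions the bare name digi.com is not covered by *.Digi.com, so it needs its own list entry if clients look it up.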