Block out all traffic

Hi, I am a beginner with IPFire.
I would like to use Win 11, but for me it transmits too much data to the Internet. So I would like to block all outgoing traffic, except for the browser and email program, and maybe other additional programs.

So I would like to ask for some concrete help:

  • How can I concretely block any outgoing traffic?
  • How can I find out which port, for example, the browser is using?
    (Or can I even force the browser to use a specific port?)
  • How can I configure IPFire to unblock this specific port?

For the browser, I would say that 99% of the traffic is on ports 80 and 443.
For mail it depends on your server, but if it is on POP3 and SMTP,
then I would say in most cases SMTP 25 or 465,
POP3 110 or 995,
except for errors.

2 Likes

Start here.
Change the default firewall behavior.

This is a good read to get you started.
https://www.ipfire.org/blog/firewall-configuration-recommendations-for-ipfire-users
Link to firewall rule creation.

3 Likes

Thanks so far :)

There is a point where I am not sure about the policy to block all traffic and then allow only what is wanted.

For example, I am going to do so and then free port 443 and/or 80 for the browser. If it works, then I know that it was correct.

But how do I know that no other program is using this port?

And if I would like to allow a specific program access to the Internet, how do I know which port it is using?

Or is it possible to force a specific program to use a specific port?

You cannot.

The proxy would give you some filtering in that capacity.

Check the firewall logs.

If the program is configurable, or port redirect through the firewall.

Service groups will be your friend.

Commercial VPNs often have the option of using port 443 for exactly the reason that it is hard to block, as you have to do some deep packet inspection of some sort to determine if it is standard HTTPS or if it is something like an SSL VPN.

Remember also that the “programs” are running on devices behind IPF so it is more or less impossible to work out which program is going through the firewall. There are some tools such as Netify that attempt this sort of thing.

Netify used to have a couple of tools, the Application Filter and Protocol Filter, built into ClearOS, but ClearOS is now dead. They may still provide them for specific firewalls.
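
As an added example (not from any post in this thread): a Python script for the "check the firewall logs" advice above, tallying dropped LAN-to-Internet packets by source host, protocol and destination port so you can see what a machine tries to reach once the default policy blocks it. The log lines are constructed in the standard netfilter LOG format; the `DROP_FORWARD` prefix and the `green0`/`red0` interface names are assumptions about the local IPFire setup.

```python
import re
from collections import Counter

# Ports named in the thread for web and mail traffic.
KNOWN_PORTS = {80: "http", 443: "https", 25: "smtp", 465: "smtps",
               110: "pop3", 995: "pop3s"}

# Constructed sample lines (documentation addresses); prefix and interface names are assumptions.
SAMPLE_LOG = """\
Jan 10 09:15:01 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 MAC=00:11:22:33:44:55 SRC=192.168.1.20 DST=203.0.113.7 LEN=52 TTL=127 PROTO=TCP SPT=50111 DPT=443 SYN
Jan 10 09:15:04 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 MAC=00:11:22:33:44:55 SRC=192.168.1.20 DST=203.0.113.7 LEN=52 TTL=127 PROTO=TCP SPT=50112 DPT=443 SYN
Jan 10 09:15:09 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 MAC=00:11:22:33:44:55 SRC=192.168.1.20 DST=198.51.100.9 LEN=76 TTL=127 PROTO=UDP SPT=123 DPT=123
Jan 10 09:16:30 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 MAC=00:11:22:33:44:66 SRC=192.168.1.21 DST=198.51.100.40 LEN=52 TTL=127 PROTO=TCP SPT=50200 DPT=8080 SYN
Jan 10 09:16:41 ipfire kernel: DROP_INPUT IN=red0 OUT= MAC=00:11:22:33:44:77 SRC=203.0.113.99 DST=192.0.2.1 LEN=40 TTL=240 PROTO=TCP SPT=44000 DPT=23 SYN
Jan 10 09:17:02 ipfire kernel: DROP_FORWARD IN=green0 OUT=red0 MAC=00:11:22:33:44:55 SRC=192.168.1.20 DST=203.0.113.7 LEN=60 TTL=127 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
"""

FIELD = re.compile(r"(\w+)=(\S*)")

def parse_line(line):
    """Return the key=value fields of one netfilter LOG line, plus its log prefix."""
    m = re.search(r"kernel: (\S+) IN=", line)
    if not m:
        return None
    fields = dict(FIELD.findall(line))
    fields["PREFIX"] = m.group(1)
    return fields

def blocked_outbound(log_text, prefix="DROP_FORWARD", lan_if="green0"):
    """Count dropped LAN-to-Internet packets per (source, protocol, destination port)."""
    counts = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if not f or f["PREFIX"] != prefix or f.get("IN") != lan_if:
            continue  # not a forwarded drop coming from the LAN side
        if "DPT" not in f:
            continue  # protocols without ports, e.g. ICMP
        counts[(f["SRC"], f["PROTO"], int(f["DPT"]))] += 1
    return counts

def report(counts):
    """Format the tally, most frequent first, labelling ports the thread mentions."""
    return [f"{src} {proto}/{dpt} ({KNOWN_PORTS.get(dpt, 'unlisted')}) x{n}"
            for (src, proto, dpt), n in counts.most_common()]

if __name__ == "__main__":
    print("\n".join(report(blocked_outbound(SAMPLE_LOG))))
```

The tally shows which host and destination port were blocked, not which program sent the packet, which matches the limitation described in the replies above.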