We have been using ipfire in a small network for a while. It is working fine with port forwarding and some firewall rules.
Now that, we have installed bitdefender business security in the systems in LAN, they asked us to open certain ports in the ipfire firewall (firewall policy is Blocked) for their cloud console to work. Here is the list of ports they have asked us to open. https://www.bitdefender.com/support/bitdefender-gravityzone-(cloud-console)-communication-ports-1256.html
I don’t know how to open these ports for the whole netwok. (Port forwrding is working fine for us. But it needs to specify a certain client) Please advice me what to do with these firewall rules.
if I got your problem, you just need to configure firewall rules for that. This is documented in the wiki; just select your GREEN/BLUE/ORANGE network as the source.
Here is the list of ports they have asked us to open.
That’s quite a bunch of ports their products want to talk to. Great for improving the overall security of your network, but perhaps you are able to limit firewall access to certain IPs, networks or countries.
Thank you Peter.
I can create firewall rules with GREEN/RED as my source.
But I don’t understand, how to specify a certain port in that rule.
Only when I select ‘NAT’ that I see an option for port. (I think, which is not needed here)
A clarification to this problem is appreciated.
Okay, I got it. Thank you very much.
One more doubt, I selected Source as RED and Destiantion as GREEN. (Inbound connection)
I have to open port ‘5555’ for Inbound connection.
Now, What shall I give in ‘Source port’ and ‘Destination port’?
Now, What shall I give in ‘Source port’ and ‘Destination port’?
Well, the “destination port” is 5555. Since you do not know the source port, just leave it blank. (You might want to limit the source port to someting bigger than 1,023, but this unfortunately is not implemented yet.)
I was also looking for this solution.
I figured out how to create service groups.
But I can’t find an option to include service groups in firewall rule creation.
IPFire offers the ability to take control of a lot of different protocols. During the rule creation you may select a special protocol, a -Preset- for a known or custom created services, or simple create a rule that affects All protocols.
So, all you need to do is selecting “-Preset-” as the protocol.