How can I block all incoming UDP ports

Bulent Tekcan

• May 06, 2021 00:54

Hello, My server has a 7 domain...But I need only block all incoming udp ports to 1 domain IP. I'm using CSF firewall, how can I do that ? Regards, Bulent

• 

  cPRex Jurassic Moderator

  • May 06, 2021 13:55

  Hey there! If you wanted to block all UDP traffic, you would change the UDP_IN and UDP_OUT sections to have no IPs, so they would look like this: # Allow incoming UDP ports UDP_IN = ""
  This would keep DNS from working on the machine. Firewalls are not domain-based, so there isn't a way to stop that type of traffic for just one domain. This would affect the entire server. Since network connections are typically pointed at an IP address, I wouldn't expect there to be a need to filter UDP traffic based on a domain, as there isn't a service that's listening for domain-based connections based on UDP.

  0
• 

  Bulent Tekcan

  • May 07, 2021 07:59

  Hello, I found a way, and working perfectly. Put in csf.deny udp|in|d=1024_65535|d=xxx.xxx.xxx.xxx Now blocked all incoming UDP ports. Regards,

  0

Please sign in to leave a comment.