Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 29 subscribers
  • Views 31666 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

firewall block port 80 but http allowed, only one rule

MattBowles

Have one firewall rule enabled. Block all outbound but what is needed, DNS, NTP, HTTP, HTTPS, ETC.

Getting blocking trying to update but failing. Firewall reports Invalid traffic from internal ip (random port) to external port 80.

Why is it blocking something going to port 80, is it filtering it because its leaving on a nonstandard port?

 

Is there a better way to allow?



This thread was automatically locked due to age.
Parents
  • 0

    MattBowles said:
    Firewall reports Invalid traffic from internal ip (random port) to external port 80 

    I am assuming your http traffic is flowing fine, however you are noticing some dropped port 80 invalid traffic in the logs.

    Most of the time its reset and Fin packets that a stateful firewall sometimes drops. This shouldn't affect your port 80 browsing. You can really look at what exactly the dropped traffic is by following  guide here and follow rule1.

Reply
  • 0

    MattBowles said:
    Firewall reports Invalid traffic from internal ip (random port) to external port 80 

    I am assuming your http traffic is flowing fine, however you are noticing some dropped port 80 invalid traffic in the logs.

    Most of the time its reset and Fin packets that a stateful firewall sometimes drops. This shouldn't affect your port 80 browsing. You can really look at what exactly the dropped traffic is by following  guide here and follow rule1.

Children
No Data