The table in this post shows the firewall rules solution to meet the requirements in the “Firewall Rules” post. Additionally, the following list provides explanations for each of these requirements. For clarity, the rules are restated right before the explanation:
- Allow all HTTP traffic to a web server with an IP of 192.168.1.25.
Note that while HTTP traffic typically uses TCP, it can also use UDP. Because of this, IP is used as the protocol instead of TCP or UDP, so the rule matches port 80 traffic over either transport.
- Allow all HTTP and HTTPS traffic to a web server with an IP of 192.168.1.25.
This requires two rules. One rule allows HTTP traffic by allowing port 80, and the second rule allows HTTPS traffic by allowing port 443.
- Allow DNS queries from any source to a computer with an IP of 192.168.1.10.
DNS name resolution queries use UDP port 53.
- Block DNS zone transfer traffic from any source to any destination.
DNS zone transfers use TCP port 53.
- Block all DNS traffic from any source to any destination.
Using IP as the protocol blocks both DNS name resolution queries on UDP port 53 and DNS zone transfers on TCP port 53. You could also implement this as two separate rules, one for UDP and one for TCP.
- Implement implicit deny.
The implicit deny rule is always placed last, and it blocks any type of traffic from any source to any destination using any port. Note that you could also have omitted rules 4 and 5 and placed the implicit deny rule directly after rule 3. It would still have met the requirements, since the implicit deny blocks all DNS traffic not already allowed by rule 3, but it wouldn’t have stressed the difference between TCP port 53 and UDP port 53.
Table: Firewall rules
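The rule set described above, run through a small first-match evaluator so the effect of rule order and of choosing IP versus TCP/UDP can be checked on sample packets. This is an added example, not the table from the original post; the `Rule` class, the `evaluate` function and the choice of IP as the protocol for the HTTPS rule are my own assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    proto: str            # "ip" matches any transport; otherwise "tcp" or "udp"
    dst: str              # destination in CIDR form; "0.0.0.0/0" means any
    dport: Optional[int]  # destination port; None means any port

    def matches(self, proto: str, dst_ip: str, dport: int) -> bool:
        proto_ok = self.proto == "ip" or self.proto == proto
        dst_ok = ip_address(dst_ip) in ip_network(self.dst)
        port_ok = self.dport is None or self.dport == dport
        return proto_ok and dst_ok and port_ok


# Constructed rule table following the post's requirements (assumed layout).
RULES: List[Rule] = [
    Rule("allow", "ip",  "192.168.1.25/32", 80),   # 1: HTTP, TCP or UDP
    Rule("allow", "ip",  "192.168.1.25/32", 443),  # 2: HTTPS (IP assumed)
    Rule("allow", "udp", "192.168.1.10/32", 53),   # 3: DNS queries to resolver
    Rule("deny",  "tcp", "0.0.0.0/0",       53),   # 4: block zone transfers
    Rule("deny",  "ip",  "0.0.0.0/0",       53),   # 5: block all DNS
    Rule("deny",  "ip",  "0.0.0.0/0",       None), # 6: implicit deny, always last
]


def evaluate(rules: List[Rule], proto: str, dst_ip: str, dport: int) -> Tuple[str, int]:
    """First-match evaluation: return (action, 1-based index of the matching rule).

    Index 0 is returned only if no rule matches, which cannot happen while an
    implicit deny rule is present at the end of the list.
    """
    for index, rule in enumerate(rules, start=1):
        if rule.matches(proto, dst_ip, dport):
            return rule.action, index
    return "deny", 0


def without_dns_blocks(rules: List[Rule]) -> List[Rule]:
    """The alternative the post mentions: drop rules 4 and 5, keep implicit deny."""
    return rules[:3] + [rules[-1]]
```

Because evaluation stops at the first match, swapping rule 5 ahead of rule 3 would shadow the resolver's allow rule and block the DNS queries the requirements say to permit; the evaluator makes that kind of ordering mistake visible before it reaches a real firewall.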