This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using Regular Expression for filtering domains/sub domains

Hello,

First of all, im sorry if this is the wrong section to post this topic.

I would like to know if it is possible to allow connections to destinations such as 'example.com:10995' using regex

Lets say i want to allow access to all connections to sub domains that finish with google.com:2500

So, 123asd.google.com:2500, etc
And there is a LOT of those sub domains so it is not possible to include one by one (More than 100)

123.google.com...
abc.google.com...

Its has to be something like 'Allow all connections that starts with *.google.com:2500' where * means anything.

I already know that i can filter everything that has google.com using regex on Web Filtering, (Like ^https?://([A-Za-z0-9.-]*\.)?google\.com/)
but my question is if i can do the same, or similar, in Network Protection > Firewall

I am also sorry if i did not make myself clear or you did not understand what is my question
I know how to speak english but since this is a very technical question i am not sure if i expressed myself well enough.

Im still learning english

Thank you for your time reading this,

Raul



This thread was automatically locked due to age.
Parents
  • FormerMember
    +1 FormerMember

    Hi Raul,

    Just an explanation to what Dirk said here :) 

    Firewall rules will work on IP bases so even if you add a DNS host in the destination, UTM will try to resolve the IP and then match it against the traffic that was received and if the Destination IP matches the IP which UTM resolved for the DNS host, UTM will follow the action specified in the rule.

    However, You can still specify the required service port if needed in the firewall rule

    You can add a *.google.com in as a DNS host but it won't be resolved and the rule won't work. It is better to do this via Filter Action

  • That was very specific! It gave me a idea...
    I did this way: Created the filter action to allow anything that contained the domain i needed to resolve.

    And on Firewall i allowed the required ports but only from 6h30m PM to 9h30m PM...
    It worked... Thanks bro!

    Its a shame tho - It would be very nice if we could do Filter Actions on Firewall..

Reply
  • That was very specific! It gave me a idea...
    I did this way: Created the filter action to allow anything that contained the domain i needed to resolve.

    And on Firewall i allowed the required ports but only from 6h30m PM to 9h30m PM...
    It worked... Thanks bro!

    Its a shame tho - It would be very nice if we could do Filter Actions on Firewall..

Children
No Data