AWS Network Firewall Domain list Port
Hi all. I am trying to configure AWS Network Firewall using a Domain list. I can select the HTTP protocol in the configuration, but HTTP seemed to be inspected regardless of the port, because it was inspected even if I used a port other than 80. Is it possible to change/limit the target port?
Hello there
Yes, you can use a different port, but not with Domain lists. However, if you want to do something custom that can't be achieved by domain lists or any other rule, you can create a Suricata rule; refer to this document [1]. The domain list looks at the Host header in the HTTP request, so the port used by HTTP is irrelevant: the HTTP request will still contain a Host header. That is how HTTP works; HTTP is not limited to port 80, although it is common to see HTTP use port 80. For more clarity, please refer to the document provided [2].
Resources:
[1] Suricata examples: https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-examples.html
[2] Learn about how to configure:
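To make the answer concrete, here is an added example of the Suricata approach it points to; it is not code from the original post or from AWS's documentation. It is a stateful rule group that allows HTTP to one domain only on one TCP port and TLS to that domain only on 443, and drops other HTTP/TLS. The domain (example.com), the port (8080), the message text and the sid values are constructed; the rule group is assumed to run with strict rule ordering and with HOME_NET set to the VPC CIDR.

```suricata
# Constructed example: allow web traffic to example.com (and subdomains) only on the chosen ports.
# The "http" keyword relies on Suricata's app-layer detection, which identifies HTTP on any port;
# the port in the rule header (8080 here) is what actually restricts where the match applies.
pass http $HOME_NET any -> $EXTERNAL_NET 8080 (http.host; dotprefix; content:".example.com"; endswith; flow:to_server, established; msg:"Allow HTTP to example.com on 8080"; sid:1000001; rev:1;)

# TLS has no Host header; match on the SNI instead, and limit it to 443.
pass tls $HOME_NET any -> $EXTERNAL_NET 443 (tls.sni; dotprefix; content:".example.com"; endswith; nocase; flow:to_server, established; msg:"Allow TLS to example.com on 443"; sid:1000002; rev:1;)

# Everything else that is detected as HTTP or TLS, on any port, is dropped and logged.
drop http $HOME_NET any -> $EXTERNAL_NET any (flow:to_server, established; msg:"Drop HTTP not on allow list or wrong port"; sid:1000003; rev:1;)
drop tls $HOME_NET any -> $EXTERNAL_NET any (flow:to_server, established; msg:"Drop TLS not on allow list or wrong port"; sid:1000004; rev:1;)
```

The `dotprefix` transform prepends a dot to the inspected buffer, so `content:".example.com"; endswith;` matches both `example.com` and `www.example.com` without also matching `notexample.com`. With strict ordering the `pass` rules must appear before the `drop` rules, as above; a request for `example.com` on port 80 would not hit the first rule (wrong port) and would fall through to the `drop http` rule, which is the behaviour the question asks for.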