AWS Network Firewall Domain list Port
Hi all. I am trying to configure AWS network firewall using Domain list. I can select the http protocol in the configuration, but http seemed to be inspected regardless of the port because it was inspected even if I used a port other than 80. Is it possible to change/limit the target port?
Yes you can use different port ,but not with Domain lists.However if you want to do custom which can’t be achieved by domain lists or any other rule ,you can create a Suricata rule refer to this document.The domain list looks at the host header in http request,so the port used by http is irrelevant and http request will still contain a host header that how it works http is not limited to port 80 although it is common to see http used port 80.For more clarity please refer to the document provided.
Learn about how to configure:
Network Firewall sometimes misses L7asked 4 months ago
Routing network traffic between two EC2 instances in the same subnet to a firewall appliance in another VPCAccepted Answerasked 5 months ago
AWS CloudFormation deployment of AWS Network FirewallAccepted Answerasked a year ago
Domain Allowlist AWS Network Firewall
AWS CLI Updating Network Firewall Rules
Network Firewallasked 21 days ago
SSM Network firewall auditasked 6 months ago
When to propose AWS Network Firewall vs 3rd party options?asked 2 months ago
AWS Network Firewall Domain list Portasked 2 months ago
AWS Network Firewall Managed Signaturesasked 2 months ago