By using AWS re:Post, you agree to the Terms of Use
/AWS Network Firewall Domain list Port/

AWS Network Firewall Domain list Port

0

Hi all. I am trying to configure AWS network firewall using Domain list. I can select the http protocol in the configuration, but http seemed to be inspected regardless of the port because it was inspected even if I used a port other than 80. Is it possible to change/limit the target port?

1 Answers
0

Hello there

Yes you can use different port ,but not with Domain lists.However if you want to do custom which can’t be achieved by domain lists or any other rule ,you can create a Suricata rule refer to this document[1].The domain list looks at the host header in http request,so the port used by http is irrelevant and http request will still contain a host header that how it works http is not limited to port 80 although it is common to see http used port 80.For more clarity please refer to the document provided[2].

Resource:

Suricata examples:https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-examples.html

Learn about how to configure:

https://catalog.us-east-1.prod.workshops.aws/workshops/d071f444-e854-4f3f-98c8-025fa0d1de2f/en-US/lab-three/step-six

[1]https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-suricata.html

[2]https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html

answered 19 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions