Introduction
Image Modified
The firewall implements stateful (by utilizing connection tracking) and stateless packet filtering and thereby provides security functions that are used to manage data flow to, from, and through the router. Along with the Network Address Translation (NAT), it serves as a tool for preventing unauthorized access to directly attached networks and the router itself as well as a filter for outgoing traffic.
...
Code Block |
---|
|
/ip firewall layer7-protocol add name=rdp regexp="rdpdr.*cliprdr.*rdpsnd" |
Tip |
---|
If the Layer7 matcher recognizes the connection, then the rule marks this connection as its "own" and other rules do not look at this connection anymore even if the two firewall rules with Layer7 matcher are identical. |
Warningnote |
---|
When a user uses HTTPS, Layer7 rules will not be able to match this traffic. Only unencrypted HTTP can be matched. |