How to block all incoming traffic through a specific port?

Discussion in 'Tomato Firmware' started by vanhh, Oct 19, 2010.

  1. vanhh

    vanhh Network Guru Member

    Hi guys,

    How do I go about blocking all INCOMING traffic through a single port? In this case the port is 12200. I don't want to block a specific IP address, because there are so many of them. I searched the forum, but only found IP address blocking. Please help.

  2. Toastman

    Toastman Super Moderator Staff Member Member

    Access Restriction / All Day Every Day / Normal Access Restriction / All computers/Devices / TCP / Src or Dst Port - 12200

    I think that should work. Give it a try!
  3. vanhh

    vanhh Network Guru Member

    Thanks Toastman for your reply, but I'm looking for scripts that I can put in my router's firewall. I only want to block incoming traffic to my router on port 12200. Lately there is a lot of incoming traffic originating from China poking on port 12200. I could block a whole range of IPs on any port, but not on one particular port. I don't want to do this, because the list is getting long and I don't want to block good traffic on different ports on that range of IP addresses. What I need is a script that will block incoming traffic from any IP address on port 12200, but won't block traffic on other ports.

  4. rhester72

    rhester72 Network Guru Member

    Erm...well, by default, if you aren't forwarding port 12200, it is blocked...default policy is DROP.
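
A check for what rhester72 describes above, as an added example that is not part of the original thread: it reads a rule dump in `iptables-save` format and reports whether port 12200 is left to the INPUT chain's default DROP policy, or is opened by an explicit INPUT ACCEPT rule or a DNAT port forward. The sample dump and its interface names are constructed; rules without an explicit destination-port match, negated matches and jumps into user-defined chains are not evaluated.

```shell
#!/bin/sh
# Added example. Reads an iptables-save style dump on stdin and returns 0 when
# nothing exposes the given port, 1 otherwise (reasons are printed).
port_exposed_check() {
    awk -v port="$1" '
    # True when spec ("80", "12000:13000", "22,12200") covers the port.
    function covers(spec,   n, parts, i, r) {
        n = split(spec, parts, ",")
        for (i = 1; i <= n; i++) {
            if (split(parts[i], r, ":") == 2) {
                if (port + 0 >= r[1] + 0 && port + 0 <= r[2] + 0) return 1
            } else if (parts[i] + 0 == port + 0) return 1
        }
        return 0
    }
    /^\*/ { table = substr($1, 2); next }          # "*nat", "*filter"
    table == "filter" && $1 == ":INPUT" { policy = $2; next }
    $1 == "-A" {
        hit = 0; target = ""
        for (k = 3; k <= NF; k++) {
            if (($k == "--dport" || $k == "--dports") && covers($(k + 1))) hit = 1
            if ($k == "-j") target = $(k + 1)
        }
        if (!hit) next
        if (table == "filter" && $2 == "INPUT" && target == "ACCEPT") {
            print "INPUT accepts the port: " $0; bad = 1
        }
        if (table == "nat" && target == "DNAT") {
            print "port is forwarded: " $0; bad = 1
        }
    }
    END {
        if (policy != "DROP") { print "INPUT policy is not DROP"; bad = 1 }
        exit (bad ? 1 : 0)
    }'
}

# Constructed sample dump (not from the thread); vlan1 = WAN, br0 = LAN assumed.
SAMPLE_DEFAULT='*nat
-A PREROUTING -i vlan1 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.10:80
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i br0 -j ACCEPT
COMMIT'
printf '%s\n' "$SAMPLE_DEFAULT" | port_exposed_check 12200 && echo "12200: not exposed"
```

On the router, pipe the output of `iptables-save` into the function in place of the sample.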

  5. Azuse

    Azuse LI Guru Member

    Umm, access restriction is simply a GUI for creating said script. Anyway, if stuff's coming in then something on the LAN initiated it. Perhaps spyware/botnet? OpenDNS is quite good at blocking known ones, which sadly means very few.
  6. vanhh

    vanhh Network Guru Member

    This has nothing to do with spyware and botnets. My computers did not initiate anything.
  7. Porter

    Porter LI Guru Member

    So you have enabled logging of _blocked_ inbound requests or did you do something else?

    And as rhester said: it's already getting blocked; nothing more you can do about it.
  8. vanhh

    vanhh Network Guru Member

    Didn't know it was blocked by default. Guess I don't have to do anything further. Thanks for your replies.
  9. fubdap

    fubdap LI Guru Member

    @ vanhh
    Out of curiosity - how did you figure out incoming traffic was trying to go into port 12200?

