Sebastian Davie wrote:
> Hi Sven
> Thanks for that! I was only trying to block FTP to check my settings!
> FTP was something that I could get instant results on!
> All ok .. So from now on I wall always set "Source Port Range" to all
> and only block on the "Destination Port range" --- Would that be the
> best practice?
not necessarily. you might have an application that uses a pre-defined
source port, in which case, you want to filter by that. but to block LAN
access TO certain services on the WAN, yes, assume random source ports
and block the destination ports.