How do I block specific range of inbound UDP ports?

General discussions about Little Snitch
Post Reply
John Galt
Posts: 9
Joined: Thu Jun 21, 2012 2:52 am

How do I block specific range of inbound UDP ports?

Post by John Galt » Mon Nov 18, 2013 10:13 pm

How can I create a rule that allows all inbound UDP ports except for the range that I want to block?

I am having a problem with a SIP attack to my softphone application. Looking at my computer's console it appears that the attacks are happening on inbound UDP ports 5000-5100. I see that there is a protected System rule that allows all inbound UDP ports and I am not sure how to modify it. I need leave UDP port 5060 open for our phone system to be able to call my softphone.

AYBABTU
Posts: 9
Joined: Tue Oct 15, 2013 4:54 pm

Re: How do I block specific range of inbound UDP ports?

Post by AYBABTU » Wed Nov 20, 2013 12:52 pm

AFAIK all the rules can co-exist and you could create a block rule for UDP ports 5000-5100 and an allow rule for port 5060 (either for all processes or just your sipphone), so this would at least minimize the port range for the attacks.

John Galt
Posts: 9
Joined: Thu Jun 21, 2012 2:52 am

Re: How do I block specific range of inbound UDP ports?

Post by John Galt » Sat Nov 30, 2013 8:08 am

Thanks.

Post Reply