Is there any way I can configure a rule in the (Gateway) Firewall Policies for a certain host and several ports?
I’m unable to do something like “allow IP and (port 80 or port 443)”.
I have to do “allow (IP and port 80) or (IP and port 443)”
I’m unable to attach any images, but I hope this is clear. It’s terribly rigid and I can see how the firewall can become chaotic if the rules cannot be defined in a more synthetic way.
Following are the suggestions that you could try:
allow <ENTER_IP_HERE> and (tcp.dstport in { 80 443 })
OR
allow <ENTER_IP_HERE> and (cf.edge.server_port in { 80 443 })
whichever is relevant as per your objective.
Hope this helps you get a few steps closer to resolving the issue. Thank you. Please let me know if there is anything else. Thank you.
I’m not sure if I’m missing something or you are not aware of the actual context, but this is not the Cloudflare firewall that you use for your website. This is the gateway firewall, which is part of Zero Trust. These are called ‘Firewall policies’ and they are much more limited than the normal Cloudflare firewall. And there’s nowhere I can write custom rules like this.