Fibre Channel (SAN)

Reply
Contributor
Posts: 47
Registered: ‎07-21-2009

Port 80 disabled with ipfilter is still responding.

I used the ipfilter utility to set to the policy to deny all the tcp requests to port 80  from any source host. Here is the output from ipfilter .

Name: custom_ipv4, Type: ipv4, State: active
Rule    Source IP                               Protocol   Dest Port   Action
1     any                                            tcp       80       deny

But when I telnet to the switch on port 80, it's still accepting connections.  Port 443 is open because we use ssl for the switch explorer.

Any ideas .  The FOS version is 6.2.0g and the switch MP7500.

Thanks

Moeen

Occasional Contributor
Posts: 11
Registered: ‎03-19-2007

Re: Port 80 disabled with ipfilter is still responding.

Does your network have IPv6 running?  If so, you need to add the same filter to the IPv6 ipfilter configuration.

Contributor
Posts: 47
Registered: ‎07-21-2009

Re: Port 80 disabled with ipfilter is still responding.

Even though we are not using IPv6, I still went ahead and disabeld requests to port 80 using a separate ipv6 policy.

Name: custom_ipv6, Type: ipv6, State: active
Rule    Source IP                               Protocol   Dest Port   Action
1     any                                            tcp       80       deny

Seems very strange, ipfilter works for other ports like telnet, rpc , etc.

Contributor
Posts: 47
Registered: ‎07-21-2009

Re: Port 80 disabled with ipfilter is still responding.

For anyone who might be interested, this is the default behavior, even though it seems to respond to requests on port 80, the port is closed and no real connection is established.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook