What I wanted to do:
I tried to use the "Service endpoint list" configuration option to allow inbound SSH connection to my machine. I want to allow inbound connections to tcp/22 from any host as well as any localhost-only traffic.
What I expected to happen:
I expected that the following settings value would allow inbound SSH from everywhere and all localhost-only traffic:
+ * tcp/22, + localhost, - *
What happened instead
Instead, I encountered multiple issues:
+ localhost (+ Localhost; the default) is an invalid value (regex mismatch). It seems like + localhost. (notice the dot at the end) does work. So even the default value is invalid.
+ * tcp/22 does not allow inbound SSH connections. Instead, it allows inbound connections to every port only if the connection source used tcp/22 as the source port. This behavior does not make any sense at all for incoming connections.
How to reproduce it (as minimally and precisely as possible):
Described above.
This was actually implemented as you expected it in Portmaster v0.3.x. During the big v0.4 revamp this logic was re-implemented to fit the new uniform configuration system. I left the logic for inbound and outbound matching the same, because I did not expect ports to be used for inbound connections, as you would normally always set this on a specific program, like sshd, and not globally.
Relabeling as a feature as the current functionality is as desired, but can be improved.
dhaavi added the suggestion label (TYPE: idea for new feature or improvements) and removed the bug label (TYPE: a report on something that isn't working) on Aug 12, 2020.
dhaavi changed the title from "Multiple issues with Service endpoint list (incoming connection management)" to "Use destination port for Service Endpoint List matching" on Aug 12, 2020.
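Added example, not Portmaster's code: a minimal Go model of the matching behaviour discussed in this issue. It evaluates the list `+ * tcp/22, - *` against an inbound connection, comparing the entry's port either to the remote (source) port, as reported, or to the local (destination) port, as requested. The `Conn` type, the `Verdict` function, first-match-wins evaluation and the sample connection are assumptions made for illustration, and only the `*` host form is modelled.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Conn is a constructed model of an inbound connection, not a Portmaster type.
type Conn struct {
	Proto      string
	RemotePort uint16 // source port chosen by the connecting host
	LocalPort  uint16 // destination port on this machine
}

// Verdict evaluates a comma-separated list of "<+|-> * [proto/port]" entries;
// the first matching entry decides (assumed). matchLocal selects which port of
// the inbound connection the entry's port is compared against.
func Verdict(list string, c Conn, matchLocal bool) (bool, error) {
	port := c.RemotePort
	if matchLocal {
		port = c.LocalPort
	}
	for _, entry := range strings.Split(list, ",") {
		f := strings.Fields(entry)
		if len(f) < 2 || len(f) > 3 || (f[0] != "+" && f[0] != "-") || f[1] != "*" {
			return false, fmt.Errorf("unsupported entry %q", entry)
		}
		if len(f) == 3 {
			pp := strings.SplitN(f[2], "/", 2)
			n, err := strconv.ParseUint(pp[len(pp)-1], 10, 16)
			if len(pp) != 2 || err != nil {
				return false, fmt.Errorf("bad proto/port in %q", entry)
			}
			if !strings.EqualFold(pp[0], c.Proto) || uint16(n) != port {
				continue // entry does not apply to this connection
			}
		}
		return f[0] == "+", nil
	}
	return false, nil // nothing matched: treated as blocked in this sketch
}

func main() {
	ssh := Conn{"tcp", 51514, 22} // constructed: client reaching local sshd
	for _, local := range []bool{false, true} {
		ok, err := Verdict("+ * tcp/22, - *", ssh, local)
		fmt.Println("match on local port:", local, "allowed:", ok, err)
	}
}
```

With remote-port matching the SSH connection falls through to `- *`, while a peer whose source port happens to be 22 is admitted to any local port; with local-port matching the outcome is reversed.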