This commit is contained in:
Nico Schottelius 2019-11-07 19:04:52 +01:00
parent 5bdf5d30df
commit 94f4274e8f
1 changed files with 16 additions and 0 deletions

View File

@ -92,6 +92,22 @@ restrict the ports to be used for ssh. You can either use **sets**
tcp dport {23, 25, 80, 443 } redirect to :ssh
```
(just replace the *tcp dport != ...* line above)!
## "Good ports"
Over time you will see that there are some ports which are more likely
to be open, even if the network filters your traffic. Some well known
ports for this are:
* 80: regular http traffic
* 53: DNS, uses UDP by default, but TCP is also part of the standard
* 443: usually has encrypted https traffic
* 783: smtp submission port for sending out emails
Of course, if the filtering uses deep packet inspection, this will
fail, but then there are other solutions for that... stay tuned!!
## More of it?
If you are interested in more of this, we invite you to join our