How do I block a ranges of ports in HiveManager on User Profile?

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
How can I set a filter in hive manager to block a port range e.g. udp port 27000-27030?

I can only seem to find options for adding individual ports.

I'm currently trying to block under a user profile -> user firewalls -> ip firewall policy

Hive 5.1r4

Is there another way?
Photo of John Humphreys

John Humphreys

  • 2 Posts
  • 0 Reply Likes

Posted 5 years ago

  • 1
Photo of Adam Conway

Adam Conway

  • 101 Posts
  • 55 Reply Likes
Hi John,
Unfortunately you have to set up separate rules.
Photo of Crowdie

Crowdie, Champ

  • 958 Posts
  • 269 Reply Likes
That is a firewall requirement that really needs to be added to forthcoming firmware releases. Being able to assign a port range to a firewall rule is not an unreasonable expectation.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2485 Posts
  • 448 Reply Likes
To me, issues like this are akin to the teething problems that are commonly seen in relatively new software platforms such as HiveOS. They get exposed as and when wider deployment happens.

To a large extent it is inevitable as it is impossible to accommodate all use cases, certainly at inception, more of which get covered over time through iterative development.

While I do hope the ones that bite me get worked out pretty quickly, I appreciate the fact that often what I want to configure is not a common requirement. I suspect that may be the case for you here as it is certainly possible to configure a deny-all-except model that meets most restrictive use cases.
Photo of John Humphreys

John Humphreys

  • 2 Posts
  • 0 Reply Likes
I have a school with Different AP architecture. Xirrus and Aerohive.
We have no XMS at the school (way too costly) so I went in and configured on the xirrus this blocking rule first, fairly easily as they allow ranges. I then went to the aerohive HMOL to not find this ability. I think it's an oversite or naive that app's run on one port. I want to create profile for an app.

True I could do a deny-all-except but again it still doesn't help if I had the scenario of an app that I want to let out that uses multiple ports.
Photo of J. Goodnough

J. Goodnough, Champ

  • 265 Posts
  • 32 Reply Likes
It seems as of 6.1r3 this still has not been addressed.
Photo of Luke Harris

Luke Harris

  • 265 Posts
  • 18 Reply Likes
Has any more development been put into this?

EDIT:- Anything at all!?