A network that can only be used for remote desktop.
Check the manual for more information.
| Code Block | ||
|---|---|---|
| ||
accept ethertype arp; # so nodes can find each other drop not ipprotocol tcp; accept dport 3389; # Destination is RDP drop chr tcp_syn and not chr tcp_ack; # No new TCP connections (except RDP) accept; # Accept what's left, returning RDP traffic |
This is a common request, but we’re not sure this is best pattern for rules. See the manual and the other examples in the wiki.
In particular, this has the disadvantage of blocking RDP’s UDP mode.