Firewall

Configuration options for the firewall

Table 1. Available fields in blickfeld.secure.config.Firewall
Field Type Default Unit

disable_insecure_network_ports

optional bool

-

-

Disable all insecure, unencrypted & unauthenticated, network interface ports.

[NOTE] This might break compatibility with client applications e.g. a normal HTTP call to http://qb2-xxxxx will fail.

flow_port_forwardings

repeated PortForwarding

-

-

The given ports are forwarded to custom applications in the blickfeld flow.

Port Forwarding

Rule for port forwarding

Table 2. Available fields in blickfeld.secure.config.Firewall.PortForwarding
Field Type Default Unit

port

uint32

-

-

Port which should be forwarded.

NOTE: Due to security policies, only ports between 10000 to 10099 are allowed.

from_ip_network

string

-

-

The port forwarding is only allowed for the given IP address or subnet.

The address should be specified in dot-decimal format (quad-dotted notation of four decimal integers, ranging from 0 to 255 each) including netmask prefix as follows "ip_address/prefix".