TCP & UDP Inbound/Outbound direction query

[keys]

I've read that UDP is directionless so that specifying whether it's Inbound or Outbound is pointless. Is this true?

Secondly, when setting rules do you specify Local Port for TCP and Remote Port for UDP? Is this correct?

[Manny Carvalho]

Well, maybe it would be better described as stateless rather than directionless. UDP does know which direction it is going but it performs no error checking. Unlike TCP it's a simple but unreliable protocol. It does no hand shaking, ordering or reliability checks. Consequently, UDP packets can arrive out of order, be duplicated or simply go missing.

The one good thing it does is that it's quick and largely used for the all important DNS queries. The UDP protocol, even though unreliable, is a major factor in using the internet and making it a good experience.

Because it is a stateless protocol it's best that direction is left out of the firewall rules but ports are useful since they are defined. It's useful, for instance, to control a DNS response to remort port 53 since that's where it should have come from. This is implied in section D of the Secure Configuration FAQ: http://www.outpostfirewall.com/forum...ead.php?t=9858

Controlling local ports is another matter since they are assigned in a random manner. It's usually best to not include them unless you have a special reason for such tight control.