0

I have a Spring Boot application that for now accepts requests from all connections on port 8443, Wi-Fi and Ethernet. The application runs on a laptop with Windows 10.

I want to add firewall rules to the laptop so that only requests that come from ethernet are allowed.

Is that possible? If so, how?

Giacomo1968
  • 55,001
mnish
  • 121
  • 4
  • 1
    No - not in any practical way – John Jan 20 '24 at 13:00
  • @John, Thank you for your answer. In the advanced tab under the properties of each firewall rule there is a section called interface types, which you can customize. In the customization section you can choose among LAN, Remote access and Wireless to which the rule may apply. I would say this could offer a permanent solution, what do you think? – mnish Jan 21 '24 at 10:49
  • 1
    You would have to experiment for pros and cons of what you propose. – John Jan 21 '24 at 13:22

2 Answers

0

You need a way to distinguish between the two types of requests, and this is only possible by changing the settings of your router.

If your router is also the DHCP server, and if it allows changing the IP ranges that it allocates to wired and WiFi connections, so that WiFi connections get IP addresses that are distinct from Ethernet IP addresses, then you may add a firewall rule that disallows connections to port 8443 on the IP address range for WiFi.

If this is not possible for your router model, then there is no way to distinguish between the two types of connection.

harrymc
  • 480,290
  • Thank you for your answer. In the advanced tab under the properties of each firewall rule there is a section called interface types, which you can customize. In the customization section you can choose among LAN, Remote access and Wireless to which the rule may apply. I would say this could offer a permanent solution, what do you think? – mnish Jan 21 '24 at 10:48
  • This sounds like exactly what I thought you should look for, a way to distinguish between the two networks. – harrymc Jan 21 '24 at 11:26
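
The interface-type restriction discussed in the comments above can also be set from an elevated PowerShell prompt with the built-in NetSecurity cmdlets. This is an added example, not part of any post on this page; the rule display names are made up, and port 8443 is taken from the question.

```powershell
#Requires -RunAsAdministrator
# Added example. Display names are constructed; adjust them to your own naming.
$port = 8443

# Block rules take precedence over allow rules in Windows Defender Firewall,
# so this holds even if a broader allow rule already exists (for example one
# created for java.exe when the Windows Security Alert prompt was accepted).
New-NetFirewallRule -DisplayName 'SpringBoot 8443 - block Wi-Fi (example)' `
    -Direction Inbound -Action Block -Protocol TCP -LocalPort $port `
    -InterfaceType Wireless -Profile Any

# Allow the same port only on wired interfaces ("Local area network" in the GUI).
New-NetFirewallRule -DisplayName 'SpringBoot 8443 - allow Ethernet (example)' `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort $port `
    -InterfaceType Wired -Profile Any

# Audit: list every enabled inbound rule that names this port (or any port),
# with its action and interface type, to spot allow rules that are too broad.
# Rules that cover the port through a range such as 8000-9000 are not matched.
Get-NetFirewallRule -Direction Inbound -Enabled True | ForEach-Object {
    $pf = $_ | Get-NetFirewallPortFilter
    $portMatch = ($pf.LocalPort -contains "$port") -or ($pf.LocalPort -contains 'Any')
    if (($pf.Protocol -in 'TCP', 'Any') -and $portMatch) {
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Action        = $_.Action
            InterfaceType = ($_ | Get-NetFirewallInterfaceTypeFilter).InterfaceType
            LocalPort     = $pf.LocalPort -join ','
        }
    }
} | Format-Table -AutoSize
```

Any remaining row with Action `Allow` and InterfaceType `Any` still admits wired traffic only because the Wi-Fi block rule overrides it; tightening or disabling such rules keeps the policy from depending on a single block rule.
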
0

You COULD run a ping to said device.

If your network isn't anything special, if it takes more than 2 ms, then it's probably wireless.

On my really-good wireless network, I'm getting 5-7ms for a wireless device. In a regular home network, it'll be much worse.

Just check the timing pinging from your PC to your phone or something, to see the expected range of ms. Also run a test from PC to router, to make sure it is a consistent 1-2ms.

That's kinda janky, but might actually do the trick, if you don't expect mass deployment soon.

Netan
  • 726