This question comes up a lot. Using winscp as an example. If you open a winscp session on source (18.104.22.168) and then attempt to move files to and from 22.214.171.124. Do you need a firewall rule in both directions? For example, suppose only the following firewall rule exists and that all traffic is blocked by default and that firewall is stateful. >
Source = 126.96.36.199 destination = 188.8.131.52 destination port = tcp/22 Action = Allow
In this scenario would you be allowed to move files in both directions within the same winscp session or would you only be allowed to move files from source to destination? It's a lot of extra work and an extra hole in the firewall to create the reverse rule if it's not necessary.
Reverse rule for reference > Source = 184.108.40.206 destination = 220.127.116.11 destination port = tcp/22 Action = Allow