Creating expert firewall rules

Creating expert firewall rules involves specifying the source or destination of the network traffic to which the rule applies, setting tracking options, and specifying the action of the rule: whether to block or to allow traffic that meets the specifications of the rule. You can create new rules from scratch, or you can copy an existing rule and modify its properties.

To create a new expert firewall rule:

  1. Select COMPUTER | Advanced Firewall | Settings | Expert Rules, then click Add.

    The Add rule dialog appears.

  2. In the General area, specify the rule settings.

    Rank - The order in which rules will be enforced. A rule with a rank of 1 is enforced first.
    Name - Provide a descriptive name for the rule.
    State - Specify whether the rule is enabled or disabled.
    Action - Indicates whether to block or allow traffic that matches this rule.
    Track - Indicates whether to log, alert and log, or do nothing when the expert rule is enforced.
    Comments - Optional field for entering notes about the expert rule.

  3. In the Source area, select a location from the list, or click Modify, then select Add location from the shortcut menu. You can add any number of sources to a rule.

    My Computer - Applies the expert rule to traffic originating on your computer.
    Trusted Zone - Applies the expert rule to network traffic from sources in your Trusted Zone.
    Public Zone - Applies the expert rule to network traffic from sources in your Public Zone.
    All - Applies the expert rule to network traffic coming from any source.
    Host/Site - Applies the expert rule to network traffic coming from the specified domain name.
    IP Address - Applies the expert rule to network traffic coming from the specified IP address.
    IP Range - Applies the expert rule to network traffic coming from a computer within the specified IP range.
    Subnet - Applies the expert rule to network traffic coming from a computer within the specified subnet.
    Gateway - Applies the expert rule to network traffic coming from a computer on the specified gateway.
    New Group - Choose this option, then click Add to create a new location group to apply to the expert rule.
    Existing Group - Choose this option to select one or more location groups to apply to the expert rule, then click OK.

  4. In the Destination area, select a location from the list, or click Modify, then select Add location from the shortcut menu.

    Available location types are the same for Source and Destination locations.

  5. In the Protocol area, select a protocol from the list, or click Modify, then select Add Protocol.

    Add Protocol - Choose this option to add a protocol to the rule. Specify TCP, UDP, TCP + UDP, ICMP, IGMP, or Custom. Refer to Step 5 of Creating a protocol group for help with this dialog.
    New Group - Choose this option, then click Add to create a new protocol group to apply to the expert rule. See Creating a protocol group for help with this dialog.
    Existing Group - Choose this option to select one or more protocol groups to apply to the expert rule, then click OK.

  6. In the Time area, select a time from the list, or click Modify, then select Add Time.

    Day/Time Range - Choose this option to add a day/time range to the rule. Specify a description, a time range, and one or more days. The time range is specified using a 24-hour clock.
    New Group - Choose this option, then click Add to create a new day/time group to apply to the expert rule.
    Existing Group - Choose this option to select one or more day/time groups to apply to the expert rule, then click OK.

  7. Click OK.
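
The following Python sketch is an added example, not code from the product or from this help page. It models some of the rule settings described above (Rank, State, Action, a subnet Source, Protocol, and a time range) and assumes that the first enabled rule that matches, in rank order, decides the action; the class, function names and sample addresses are hypothetical. It also reports rules that can never take effect because a higher-ranked rule already covers the same traffic.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network

@dataclass
class ExpertRule:
    rank: int                 # a rule with a rank of 1 is enforced first
    name: str
    action: str               # "allow" or "block"
    source: str               # subnet in CIDR form; "0.0.0.0/0" stands in for All
    protocols: frozenset      # for example {"TCP"} or {"TCP", "UDP"}
    start: time = time(0, 0)  # time range on a 24-hour clock
    end: time = time(23, 59)
    enabled: bool = True      # State

    def matches(self, src_ip, protocol, at):
        return (self.enabled
                and ip_address(src_ip) in ip_network(self.source)
                and protocol in self.protocols
                and self.start <= at <= self.end)

def decide(rules, src_ip, protocol, at):
    """Return (action, rule name) of the first matching rule by rank (assumed semantics)."""
    for rule in sorted(rules, key=lambda r: r.rank):
        if rule.matches(src_ip, protocol, at):
            return rule.action, rule.name
    return None, None  # no expert rule matched

def shadowed(rules):
    """Return (covered rule, covering rule) name pairs among enabled rules."""
    ordered = sorted((r for r in rules if r.enabled), key=lambda r: r.rank)
    hits = []
    for i, low in enumerate(ordered):
        for high in ordered[:i]:
            if (ip_network(low.source).subnet_of(ip_network(high.source))
                    and low.protocols <= high.protocols
                    and high.start <= low.start and low.end <= high.end):
                hits.append((low.name, high.name))
                break
    return hits

# Constructed sample rule set; addresses come from documentation ranges.
RULES = [
    ExpertRule(1, "Allow office subnet", "allow", "192.0.2.0/24", frozenset({"TCP", "UDP"})),
    ExpertRule(2, "Block test host", "block", "192.0.2.50/32", frozenset({"TCP"})),
    ExpertRule(3, "Block all at night", "block", "0.0.0.0/0", frozenset({"TCP", "UDP"}),
               time(0, 0), time(6, 0)),
]
```

In this sample, "Block test host" never takes effect because the rank 1 rule already allows its traffic; giving the block rule the lower rank number restores the intended behavior.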

To create a new rule from an existing rule:

  1. Select Firewall | Expert.
  2. Select the expert firewall rule you want to duplicate, then either press Ctrl+C or right-click the rule and choose Copy.
  3. Paste the copied rule either by pressing Ctrl+V, or by right-clicking and choosing Paste.

Note - If a rule is currently selected in the list, the pasted rule will be inserted above the selected rule. If no rule is selected, the pasted rule will be inserted at the top of the rules list.

A "1" is appended to the name of the copied rule. If you paste a rule a second time, the number 2 is appended to the second rule copied.

  4. Click Apply to save your changes.
  5. Right-click the new rule and choose Edit to modify the rule properties as necessary.

See Also

Firewall protection

 
©2011 Check Point Software Technologies Ltd. All rights reserved. Some features are only in premium products