Creating expert firewall rules
Creating expert firewall rules involves specifying the source or destination of the network traffic to which the rule applies, setting tracking options, and specifying the action of the rule: whether to block or to allow traffic that meets the specifications of the rule. You can create new rules from scratch, or you can copy an existing rule and modify its properties.
To create a new expert firewall rule:
- Select COMPUTER | Advanced Firewall | Settings | Expert Rules, then click Add.
The Add rule dialog appears.
- In the General area, specify the rule settings.
| Rank | The order in which rules will be enforced. A rule with a rank of 1 is enforced first. |
| Name | Provide a descriptive name for the rule. |
| State | Specify whether the rule is enabled or disabled. |
| Action | Indicates whether to block or allow traffic that matches this rule. |
| Track | Indicates whether to log, alert and log, or do nothing when the expert rule is enforced. |
| Comments | Optional field for entering notes about the expert rule. |
- In the Source area, select a location from the list, or click Modify, then select Add location from the shortcut menu. You can add any number of sources to a rule.
| My Computer | Applies the expert rule to traffic originating on your computer. |
| Trusted Zone | Applies the expert rule to network traffic from sources in your Trusted Zone. |
| Public Zone | Applies the expert rule to network traffic from sources in your Public Zone. |
| All | Applies the expert rule to network traffic coming from any source. |
| Host/Site | Applies the expert rule to network traffic coming from the specified domain name. |
| IP Address | Applies the expert rule to network traffic coming from the specified IP address. |
| IP Range | Applies the expert rule to network traffic coming from a computer within the specified IP range. |
| Subnet | Applies the expert rule to network traffic coming from a computer within the specified subnet. |
| Gateway | Applies the expert rule to network traffic coming from a computer on the specified gateway. |
| New Group | Choose this option, then click Add to create a new location group to apply to the expert rule. |
| Existing Group | Choose this option to select one or more location groups to apply to the expert rule, then click OK. |
- In the Destination area, select a location from the list, or click Modify, then select Add location from the shortcut menu.
Available location types are the same for Source and Destination locations.
- In the Protocol area, select a protocol from the list, or click Modify, then select Add Protocol.
| Add Protocol | Choose this option to add a protocol to the rule. Specify TCP, UDP, TCP + UDP, ICMP, IGMP, or Custom. Refer to Step 5 of Creating a protocol group for help with this dialog. |
| New Group | Choose this option, then click Add to create a new protocol group to apply to the expert rule. See Creating a protocol group for help with this dialog. |
| Existing Group | Choose this option to select one or more protocol groups to apply to the expert rule, then click OK. |
- In the Time area, select a time from the list, or click Modify, then select Add Time.
| Day/Time Range | Choose this option to add a day/time range to the rule. Specify a description, time range and one or more days. Time range is specified using a 24-hour clock. |
| New Group | Choose this option, then click Add to create a new day/time group to apply to the expert rule. |
| Existing Group | Choose this option to select one or more day/time groups to apply to the expert rule, then click OK. |
- Click OK.
To create a new rule from an existing rule:
- Select Firewall | Expert.
- Select the expert firewall rule you want to duplicate, then either press Ctrl+C or right-click the rule and choose Copy.
- Paste the copied rule either by pressing Ctrl+V, or by right-clicking and choosing Paste.
Note - If a rule is currently selected in the list, the pasted rule will be inserted above the selected rule. If no rule is selected, the pasted rule will be inserted at the top of the rules list.
A "1" is appended to the name of the copied rule. If you paste a rule a second time, the number 2 is appended to the second rule copied.
- Click Apply to save your changes.
- Right-click the new rule and choose Edit to modify the rule properties as necessary.
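Why rank matters after a paste, as an added example (a simplified Python model, not ZoneAlarm's own code): it assumes the first enabled rule that matches decides the action, and shows a pasted copy landing at rank 1 when no rule is selected. The `Rule`, `evaluate` and `paste` names and the sample rules are hypothetical.

```python
# Simplified model of ranked expert rules (assumption: the first enabled rule
# that matches decides the action; this is not ZoneAlarm's own engine).
from dataclasses import dataclass, replace
from datetime import time
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "allow" or "block"
    sources: tuple                   # Subnet / IP Address entries as CIDR strings
    protocols: frozenset             # e.g. {"TCP"}; empty set means any protocol
    days: frozenset = frozenset()    # e.g. {"Mon"}; empty set means any day
    start: time = time(0, 0)         # Day/Time Range, 24-hour clock
    end: time = time(23, 59)
    enabled: bool = True             # the State setting

    def matches(self, src, proto, day, at):
        in_source = any(ip_address(src) in ip_network(s) for s in self.sources)
        in_proto = not self.protocols or proto in self.protocols
        in_time = (not self.days or day in self.days) and self.start <= at <= self.end
        return self.enabled and in_source and in_proto and in_time

def evaluate(rules, src, proto, day, at):
    """Return (rank, rule name, action) of the first matching rule, else None."""
    for rank, rule in enumerate(rules, start=1):   # list position is the rank
        if rule.matches(src, proto, day, at):
            return rank, rule.name, rule.action
    return None

def paste(rules, rule, selected=None):
    """Insert a copy above the selected index, or at the top if none is selected."""
    copy = replace(rule, name=rule.name + "1")     # a "1" is appended to the name
    index = 0 if selected is None else selected
    return rules[:index] + [copy] + rules[index:]

# Constructed sample rule list (documentation address range 192.0.2.0/24).
RULES = [
    Rule("Block lab host", "block", ("192.0.2.10/32",), frozenset({"TCP"})),
    Rule("Allow lab subnet", "allow", ("192.0.2.0/24",), frozenset({"TCP", "UDP"}),
         days=frozenset({"Mon", "Tue"}), start=time(8, 0), end=time(18, 0)),
]

if __name__ == "__main__":
    pkt = ("192.0.2.10", "TCP", "Mon", time(9, 30))
    print(evaluate(RULES, *pkt))                   # the block rule at rank 1 decides
    pasted = paste(RULES, RULES[1])                # no selection: copy lands at rank 1
    print(evaluate(pasted, *pkt))                  # the broader allow copy now decides
```

In this model, pasting the broad allow rule with nothing selected places it above the narrower block rule, so check the Rank of a pasted rule before clicking Apply.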