Creating expert firewall rules

Creating expert firewall rules involves specifying the source or destination of the network traffic to which the rule applies, setting tracking options, and specifying the action of the rule: whether to block or to allow traffic that meets the specifications of the rule. You can create new rules from scratch, or you can copy an existing rule and modify its properties.

To create a new expert firewall rule:

  1. Select Firewall|Expert, then click Add.

  2. The Add rule dialog appears.

  3. In the General area, specify the rule settings.
    Rank
    The order in which rules will be enforced. A rule with a rank of 1 is enforced first.
    Name
    Provide a descriptive name for the rule.
    State
    Specify whether the rule is enabled or disabled.
    Action
    Indicates whether to block or allow traffic that matches this rule.
    Track
    Indicates whether to log, alert and log, or do nothing when the expert rule is enforced.
    Comments
    Optional field for entering notes about the expert rule.


  4. In the Source area, select a location from the list, or click Modify, then select Add location from the shortcut menu. You can add any number of sources to a rule.
    My Computer
    Applies the expert rule to traffic originating on your computer.
    Trusted Zone
    Applies the expert rule to network traffic from sources in your Trusted Zone.
    Internet Zone
    Applies the expert rule to network traffic from sources in your Internet Zone.
    All
    Applies the expert rule to network traffic coming from any source.
    Host/Site
    Applies the expert rule to network traffic coming from the specified domain name.
    IP Address
    Applies the expert rule to network traffic coming from the specified IP address.
    IP Range
    Applies the expert rule to network traffic coming from a computer within the specified IP range.
    Subnet
    Applies the expert rule to network traffic coming from a computer within the specified subnet.
    Gateway
    Applies the expert rule to network traffic coming from a computer on the specified gateway.
    New Group
    Choose this option, then click Add to create a new location group to apply to the expert rule.
    Existing Group
    Choose this option to select one or more location groups to apply to the expert rule, then click OK.


  5. In the Destination area, select a location from the list, or click Modify, then select Add location from the shortcut menu.

  6. Available location types are the same for Source and Destination locations.

  7. In the Protocol area, select a protocol from the list, or click Modify, then select Add Protocol.
    Add Protocol
    Choose this option to add a protocol to the rule. Specify: TCP, UDP, TCP + UDP, ICMP, IGMP, or Custom.
    New Group
    Choose this option, then click Add to create a new protocol group to apply to the expert rule.
    Existing Group
    Choose this option to select one or more protocol groups to apply to the expert rule, then click OK.


  8. In the Time area, select a time from the list, or click Modify, then select Add Time.
    Day/Time Range
    Choose this option to add a day/time range to the rule. Specify a description, a time range, and one or more days. The time range is specified using a 24-hour clock.
    New Group
    Choose this option, then click Add to create a new day/time group to apply to the expert rule.
    Existing Group
    Choose this option to select one or more day/time groups to apply to the expert rule, then click OK.


  9. Click OK.

To create a new rule from an existing rule:

  1. Select Firewall|Expert.

  2. Select the expert firewall rule you want to duplicate, then either press Ctrl+C or right-click the rule and choose Copy.

  3. Paste the copied rule either by pressing Ctrl+V, or by right-clicking and choosing Paste.
    A "1" is appended to the name of the copied rule. If you paste a rule a second time, the number 2 is appended to the second rule copied.
     
    If a rule is currently selected in the list, the pasted rule will be inserted above the selected rule. If no rule is selected, the pasted rule will be inserted at the top of the rules list.


  4. Click Apply to save your changes.

  5. Right-click the new rule and choose Edit, to modify the rule properties as necessary.
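
The following Python sketch is an added example, not part of the product documentation or the product's code. It models the Rank setting and the paste position described above, and assumes that the first enabled matching rule decides the traffic; the Rule class, decide(), paste() and the sample rules are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, replace
from datetime import datetime, time

@dataclass
class Rule:
    name: str
    action: str                       # "allow" or "block"
    sources: list                     # "All" or Subnet/IP Address locations in CIDR form
    protocols: frozenset              # e.g. {"TCP", "UDP"}
    days: frozenset = frozenset(range(7))   # 0 = Monday
    start: time = time(0, 0)          # 24-hour clock, as in the Time area
    end: time = time(23, 59, 59)
    enabled: bool = True              # the State setting

    def matches(self, src, proto, when):
        addr = ipaddress.ip_address(src)
        src_ok = any(s == "All" or addr in ipaddress.ip_network(s) for s in self.sources)
        time_ok = when.weekday() in self.days and self.start <= when.time() <= self.end
        return self.enabled and src_ok and proto in self.protocols and time_ok

def decide(rules, src, proto, when):
    """Assumed semantics: list order is rank, and the first matching rule wins."""
    for rank, rule in enumerate(rules, start=1):
        if rule.matches(src, proto, when):
            return rank, rule.name, rule.action
    return None, None, "no expert rule matched"

def paste(rules, rule, selected=None):
    """Insert a copy above the selected index, or at the top if nothing is selected."""
    copy = replace(rule, name=rule.name + "1")
    index = 0 if selected is None else selected
    return rules[:index] + [copy] + rules[index:]

# Constructed sample rule list and probe traffic
RULES = [
    Rule("Block lab subnet", "block", ["192.168.50.0/24"], frozenset({"TCP"})),
    Rule("Allow office hours", "allow", ["All"], frozenset({"TCP", "UDP"}),
         days=frozenset(range(5)), start=time(8, 0), end=time(18, 0)),
]
TUESDAY = datetime(2024, 1, 2, 10, 0)

if __name__ == "__main__":
    print(decide(RULES, "192.168.50.7", "TCP", TUESDAY))
    print(decide(paste(RULES, RULES[1]), "192.168.50.7", "TCP", TUESDAY))
    print(decide(paste(RULES, RULES[1], selected=1), "192.168.50.7", "TCP", TUESDAY))
```

Under the stated assumption, pasting the broad allow rule with nothing selected puts it at rank 1 ahead of the subnet block, so review the rule order after every paste and before clicking Apply.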


Zone Labs, Inc.

http://www.zonelabs.com
info@zonelabs.com