Adding and Editing Firewall Rules

To add or edit a firewall rule

  1. Click Security in the main menu, and click the Rules tab.

    The Rules page appears.

  2. Do one of the following:

    The ZoneAlarm Firewall Rule wizard opens, with the Step 1: Rule Type dialog box displayed.

  3. Select the type of rule you want to create.
  4. Click Next.

    The Step 2: Service dialog box appears.

    The example below shows an Allow and Forward rule.

  5. Complete the fields using the relevant information in the following table.
  6. Click Next.

    The Step 3: Destination & Source dialog box appears.

  7. To configure advanced settings, click Show Advanced Settings.

    New fields appear.

  8. Complete the fields using the relevant information in the following table.
  9. Click Next.

    The Step 4: Rule Options dialog box appears.

  10. Complete the fields using the relevant information in the following table.
  11. Click Next.

    The Step 5: Done dialog box appears.

  12. If desired, type a description of the rule in the field provided.
  13. Click Finish.

    The new rule appears in the Rules page.

See Also

Using Firewall Rules

Firewall Rule Types

Enabling/Disabling Firewall Rules

Reordering Firewall Rules

Enabling/Disabling Firewall Rule Logging

Viewing and Deleting Firewall Rules

Firewall Rule Fields

| In this field… | Do this… |
|---|---|
| Any Service | Click this option to specify that the rule should apply to any service. |
| Standard Service | Click this option to specify that the rule should apply to a specific standard service or a network service object. You must then select the desired service or network service object from the drop-down list. |
| Custom Service | Click this option to specify that the rule should apply to a specific non-standard service. The Protocol and Port Range fields are enabled. You must fill them in. |
| Protocol | Select the protocol for which the rule should apply (ESP, GRE, TCP, UDP, ICMP, IGMP, or OSPF). To specify that the rule should apply for any protocol, select ANY. To specify a protocol by number, select Other. The Protocol Number field appears. |
| Port Range | To specify the port range to which the rule applies, type the start port number in the left text box, and the end port number in the right text box. Note: If you do not enter a port range, the rule will apply to all ports. If you enter only one port number, the range will include only that port. |
| Protocol Number | Type the number of the protocol for which the rule should apply. |
| Source | Select the source of the connections you want to allow/block. To specify an IP address, select Specified IP and type the desired IP address in the field provided. To specify an IP address range, select Specified Range and type the desired IP address range in the fields provided. |
| Destination | Select the destination of the connections you want to allow or block. To specify an IP address, select Specified IP and type the desired IP address in the text box. To specify an IP address range, select Specified Range and type the desired IP address range in the fields provided. To specify the ZoneAlarm IP addresses, select This Gateway. To specify any destination except the ZoneAlarm Portal IP addresses, select ANY. |
| If the current time is | Select this option to specify that the rule should be applied only during certain hours of the day. You must then use the fields and drop-down lists provided, to specify the desired time range. |
| Forward the connection to | Select the destination to which matching connections should be forwarded. To specify an IP address, select Specified IP and type the desired IP address in the text box. This field only appears when defining an Allow and Forward rule. |
| Redirect to port | Select this option to redirect the connections to a specific port. You must then type the desired port in the field provided. This option is called Port Address Translation (PAT), and is only available when defining an Allow and Forward rule. |
| Log accepted connections / Log blocked connections | Select this option to log the specified blocked or allowed connections. By default, accepted connections are not logged, and blocked connections are logged. You can modify this behavior by changing the check box's state. |
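
The Port Range note and the logging defaults described above, modeled as an added Python example (not ZoneAlarm code and not part of the original page) that also lists what to review before clicking Finish. The `Rule` class, its field names, the rule-type strings, the 0-65535 bounds used for "all ports", and the review checks are assumptions of this example.

```python
# Added example: hypothetical model of the wizard fields, not ZoneAlarm code.
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

@dataclass
class Rule:
    rule_type: str                    # "allow", "block" or "allow_and_forward"
    protocol: str = "ANY"             # Protocol field
    port_start: Optional[int] = None  # left Port Range box
    port_end: Optional[int] = None    # right Port Range box
    source: str = "ANY"               # "ANY", a Specified IP, or "first-last"
    log: Optional[bool] = None        # None = check box left at its default

    def ports(self):
        # Page note: empty range = all ports; one number = only that port.
        lo = self.port_start if self.port_start is not None else self.port_end
        hi = self.port_end if self.port_end is not None else self.port_start
        return (0, 65535) if lo is None else (lo, hi)

    def logged(self):
        # Page default: blocked connections are logged, accepted ones are not.
        return self.log if self.log is not None else self.rule_type == "block"

    def matches(self, protocol, port, src):
        lo, hi = self.ports()
        if self.protocol not in ("ANY", protocol) or not lo <= port <= hi:
            return False
        if self.source == "ANY":
            return True
        first, _, last = self.source.partition("-")
        return ip_address(first) <= ip_address(src) <= ip_address(last or first)

    def review(self):
        # Findings to resolve before clicking Finish (this example's checks).
        findings = []
        lo, hi = self.ports()
        if lo > hi:
            findings.append("port range start is above its end")
        if self.rule_type != "block":
            if (lo, hi) == (0, 65535):
                findings.append("no port range: rule applies to all ports")
            if self.source == "ANY":
                findings.append("source ANY: any host can use this rule")
            if not self.logged():
                findings.append("accepted connections are not logged")
        return findings

# Constructed sample: forward TCP 443 from one address range, defaults otherwise.
web = Rule("allow_and_forward", "TCP", 443, source="198.51.100.10-198.51.100.20")
```

Calling `web.review()` reports that accepted connections on this forwarding rule go unlogged unless the Log accepted connections check box is selected.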