Setting Firewall Rules for Incoming Socket Connections
To set incoming connection rules, select 1. Incoming Connection Rules from the Incoming/Outgoing Connection Rules screen. The Work with Incoming Connection Rules screen appears:
| Work with Incoming Connection Rules Position to . . Type options, press Enter. Subset by text. 1=Select 4=Remove by port. Opt Rule ID Source IP-Group Allowed to Connect to Port-range ACPT-EVGNY EVGENY-PC RLDEV 21 ACPT-TZION TZION-PC RLDEV 21 22 ALEXANDRA RLDEV RAZLEE3A-4-ALEXANDRA 21 ALEXANDRA1 ALEXPC ALEXANDRA 7 11 ALEXANDRA3 TZION-PC ALEXANDRA1 2 FOR DEMO ALL WORLD RLDEV 21 FVG TZION-PC RLDEV 50 NOGA3 *NONE RLDEV 28 90 Bottom Unmentioned Ports are allowed. F3=Exit F6=Add new F8=Work with IP-Groups F9=IP-Group info (by cursor) |
Each line on the body of the screen describes a single rule. Each rule is named with a unique Rule ID, It permits connections from IP addresses that are in the IP group (as shown in Defining IP-Groups for Socket Connections) indicated in the Source IP-Group field to IP addresses in the IP group listed in the Allowed to Connect to field using the port or range of ports indicated in the Port-range field. (IP-Groups whose names appear in red have not been defined.)
For example, the rule in the first line is named ACPT-EVGNY. It allows connections from the IP group EVGENY-PC to the IP group RLDEV through port 21.
To see a summary of information about an IP group, place the cursor on the name of the group and press the F9 key. A window appears with the information.
To change the settings of an existing rule, enter 1 in the Opt field for that line. The Change Incoming Communication Traffic Rules screen appears:
| Change Incoming Communication Traffic Rules Type choices, press Enter. Rule ID . . . . . . ACPT-EVGNY Source IP-Group . . EVGENY-PC Is allowed to access: Destination IP-Group RLDEV Port range - From. . 21 1-65535 To . . Leave empty for *SAME Invalid Incoming Traffic Rules may block access to the specified ports. F3=Exit F4=Prompt F8=Work with IP-Group |
The fields on this screen correspond to those on the previous screen:
Rule ID
The name that the rule was given when created. (Read-Only)
Source IP-Group
The IP-Group from which the rule allows access. To select from a list of existing IP-Groups or to create one (as shown in [[? FILL THIS IN ?]], press the F4 key.
Destination IP-Group
The IP-Group to which the rule allows access. To select from a list of existing IP-Groups or to create one (as shown in [[? FILL THIS IN ?]], press the F4 key.
Port range - From
The number of the port, or the lowest number in the port range, to which the rule gives access.
Port range - To
The highest number in the port range to which the rule gives access. If the rule is for a single port, leave this field empty.
To create a new rule, press the F6 key on the Work with Incoming Connection Rules screen. The Add Incoming Communication Traffic Rules screen appears. It is the same as the Change Incoming Communication Traffic Rules screen, except that you must enter a name for the new rule in the Rule ID field.