This section is an extension of what was covered in Application Level Filtering. Rules for an application are set in the Rules dialog box shown below, which you open by clicking Options > Application, selecting an application on the list, then clicking Modify.
Figure 27: Rules Window
IMPORTANT: We recommend that only people who understand networking protocols use this dialog box.
First, describe the Event to which the rule applies. You can select from the following criteria for your rule in the Select the Event section:
Checking an event's check box adds its message to the Rules Description field. If a rule is listed as undefined, you should click it and select one of its options.
Then select one of the following actions for your rule in the Action section:
Deny It: Drops the packet. The source is not notified, so it appears that the packet never arrived at the destination.
Reject It: Drops the packet and sends a "The host (or port) unreachable" message to the source.
Report It: Displays a message box when a rule is triggered.
Run Application: Runs any application when a rule is triggered.
Stateful Inspection: Turns on "stateful inspection" for this application. When this is activated and the application connects to a remote server, all incoming communications from that server to a port opened by the application will be allowed.
The final step is to assign a name to the rule. We recommend that you give a logical name to the rule, so it will be easy for you or others to recognize it in the future. In addition, the name you give your rule appears in the Allowed or Blocked log as the reason for allowing or blocking this communication.
HINT: Here is a quick summary of how Rules for Applications and Global Application and System Rules are used in NCF. When an application tries to go online, NCF checks if there are any rules for that application in the Application Rules list and, if so, NCF uses those rules and ignores the Global Application and System Rules. Otherwise, NCF checks for rules matching the activity of the application in the Global Application and System Rules list and uses any that apply.
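The lookup order in the HINT above can be modeled as follows. This is an added example, not NCF code: the `Rule` fields, the action labels, first-match ordering, the sample applications and the `ignored_global_blocks` audit helper are all assumptions made for illustration. It shows that a global block rule is never consulted for an application that has rules of its own, and it returns no decision where the page does not say what NCF does.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str         # appears in the Allowed or Blocked log as the reason
    protocol: str     # event criteria reduced to protocol + remote port (assumption)
    remote_port: int
    action: str       # "allow", "deny" or "reject" (labels constructed for this model)

def first_match(rules, protocol, remote_port) -> Optional[Rule]:
    # Assumption: rules are tried in list order and the first match wins.
    for rule in rules:
        if (rule.protocol, rule.remote_port) == (protocol, remote_port):
            return rule
    return None

def decide(app, protocol, remote_port, app_rules, global_rules):
    """Return (list consulted, matching rule or None)."""
    own = app_rules.get(app)
    if own:
        # The application has its own rules: only those are used,
        # and the global list is ignored even if nothing matches here.
        return "application", first_match(own, protocol, remote_port)
    return "global", first_match(global_rules, protocol, remote_port)

def ignored_global_blocks(app_rules, global_rules):
    """Audit helper: global deny/reject rules that do not apply to apps with own rules."""
    blocks = [g.name for g in global_rules if g.action in ("deny", "reject")]
    return {app: blocks for app, own in app_rules.items() if own and blocks}

# Constructed sample configuration (hypothetical application names).
GLOBAL_RULES = [Rule("Block outbound SMTP", "TCP", 25, "deny")]
APP_RULES = {
    "mailer.exe": [Rule("Mailer SMTP", "TCP", 25, "allow")],
    "browser.exe": [Rule("Browser HTTPS", "TCP", 443, "allow")],
}

if __name__ == "__main__":
    for app in ("mailer.exe", "browser.exe", "updater.exe"):
        source, rule = decide(app, "TCP", 25, APP_RULES, GLOBAL_RULES)
        print(app, source, rule.name if rule else "no matching rule")
    print(ignored_global_blocks(APP_RULES, GLOBAL_RULES))
```

When reviewing a rule set, the output of `ignored_global_blocks` marks the applications whose own rules need to restate any global restriction you still want enforced for them.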