30.3 Port/Protocol Rules

The port/protocol rules let you override the default behavior assigned to ports and protocols. A rule identifies one or more ports or protocols and the behavior to apply to them.

For example, assume that you want to block streaming media. You would create a Streaming Media rule and close ports 554, 1755, 7070, and 8000 (the common Microsoft and RealMedia streaming media ports) to TCP communication.

The following table provides instructions for managing the policy’s port/protocol rules:

Task

Steps

Additional Details

Create a new rule

  1. Click Add > Create New.

  2. Fill in the following fields:

    Name: Specify a unique name for the rule. The name must be different from the name of any other rule. For information about valid characters, see Naming Conventions in ZENworks Control Center.

    Description: This information is optional. You can provide text that helps identify the purpose, membership, creator, or owner of the rule.

    Default Behavior: Select one of the following behaviors:

    • Stateful: All unsolicited inbound network traffic is blocked. All outbound network traffic is allowed.

    • Open: All inbound and outbound network traffic is allowed.

    • Closed: All inbound and outbound network traffic is blocked.

    Port/Protocol Types: Specify the ports and protocols to add to the rule. To do so, click New, select the port type (TCP, UDP, or TCP/UDP) or the protocol type (Ether or IP). For TCP, UDP, and TCP/UDP, specify the starting and ending ports, then click OK to add the port to the rule. For Ether and IP, specify the starting and ending ether type or protocol type, then click OK to add the protocol to the rule.

    If you want to define a single port or protocol rather than a range, enter only a starting number.

    Define Another Rule: Select this option to create another port/protocol rule after you finish with this one.

  3. Click OK to save the rule.

 

Copy an existing rule from another policy

  1. Click Add > Copy Existing.

  2. Select the Firewall policies whose lists you want to copy.

  3. Click OK.

All rules included in the other Firewall policies are copied. If necessary, you can edit the copied rules after they are added to the list.

Import a rule from a policy export file

  1. Click Add > Import.

  2. Click to display the Select File dialog box.

  3. Click Browse, select the export file, then click OK.

  4. Click OK to add the rules to the list.

All rules included in the export file are imported. If necessary, you can edit the imported rules after they are added to the list.

For information about exporting rules, see Export a rule.

Enable or disable a rule

  1. Locate the rule in the list.

  2. In the Enabled column, select the check box to enable the rule.

    or

    Deselect the check box to disable the rule.

When you add a rule, it is enabled by default. You can disable a rule to save it in the policy but no longer apply it.

Edit a rule

  1. Click the rule name.

  2. Modify the fields as desired.

  3. Click OK.

 

Rename a rule

  1. Select the check box next to the rule name, then click Edit > Rename.

  2. Modify the name as desired.

  3. Click OK.

 

Export a rule

  1. Select the check box next to the rule name.

    You can select multiple rules to export.

  2. Click Edit > Export.

  3. Save the file.

    The default name given to the file is sharedComponents.xml. You can change the name if desired. Do not change the .xml extension.

 

Delete a rule

  1. Select the check box next to the rule name, then click Delete.

  2. Click OK to confirm deletion of the rule.
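
The rule semantics described in this section (the Streaming Media rule, the Stateful/Open/Closed behaviors, single-port entries, and disabled rules) can be modelled in a few lines of Python to sanity-check a planned rule set before entering it. This is an added example, not ZENworks code: the class and function names are hypothetical, the first matching enabled rule is assumed to win, and only TCP/UDP port entries are modelled (Ether and IP types are left out).

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Entry:
    kind: str                   # "TCP", "UDP" or "TCP/UDP"
    start: int
    end: Optional[int] = None   # None: single port (only a starting number entered)

    def matches(self, proto: str, port: int) -> bool:
        last = self.start if self.end is None else self.end
        return proto in self.kind.split("/") and self.start <= port <= last

@dataclass
class Rule:
    name: str
    behavior: str               # "Stateful", "Open" or "Closed"
    entries: List[Entry]
    enabled: bool = True        # a rule is enabled by default when it is added

def decide(behavior: str, direction: str, solicited: bool) -> bool:
    """Apply one of the three behaviors to a single connection attempt."""
    if behavior == "Open":
        return True
    if behavior == "Closed":
        return False
    if behavior == "Stateful":  # outbound allowed, unsolicited inbound blocked
        return direction == "out" or solicited
    raise ValueError(f"unknown behavior: {behavior}")

def allowed(rules, policy_default, proto, port, direction, solicited=False):
    """Assumption: the first enabled rule covering the port overrides the default."""
    for rule in rules:
        if rule.enabled and any(e.matches(proto, port) for e in rule.entries):
            return decide(rule.behavior, direction, solicited)
    return decide(policy_default, direction, solicited)

# The Streaming Media rule from the text: four single TCP ports, closed.
STREAMING = Rule("Streaming Media", "Closed",
                 [Entry("TCP", p) for p in (554, 1755, 7070, 8000)])

if __name__ == "__main__":
    for proto, port in (("TCP", 554), ("UDP", 554), ("TCP", 443)):
        verdict = allowed([STREAMING], "Stateful", proto, port, "out")
        print(f"{proto}/{port} outbound:", "allowed" if verdict else "blocked")
```

The UDP/554 result shows why the port type matters: a rule that closes a port to TCP only leaves the same UDP port governed by the default behavior.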