Services
A service is basically a definition of a specific IP protocol with corresponding parameters. The service http, for instance, is defined as using the TCP protocol with destination port 80.
Services are simplistic, in that they cannot carry out any action in the firewall on their own. Thus, a service definition does not include any information about whether the service should be allowed through the firewall or not. That decision is made entirely by the firewall policies, in which the service is used as a filter parameter.
Adding TCP, UDP or TCP/UDP Service
For many services, a single destination port is sufficient. The http service, for instance, uses destination port 80. To use a single destination port, enter the port number in the destination ports text box. In most cases, all ports
Multiple ranges or individual ports may also be entered, separated by commas. For instance, a service can be defined as having source ports
Follow these steps to add a TCP, UDP or TCP/UDP service.
Step 1. Go to Firewall and Service and choose add new.
Step 2. Enter a Name for the service in the name field. This name will appear in the service list when you add a new policy. The name can contain numbers
Step 3. Select TCP/UDP Service.
Step 4. Select the protocol (either TCP, UDP or both TCP/UDP) used by the service.
Step 5. Specify a source port or range for this service by typing in the low and high port numbers. Enter
Step 6. Specify a destination port or range for this service by typing in the low and high port numbers. Enter
Step 7. Enable the Syn Relay checkbox if you want to protect the destination from SYN flood attacks.
Click the Apply button below to apply the change or click Cancel to discard changes.
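As an added illustration (not code from the firewall or its documentation), the Python example below models a service as a pure filter made of protocol, source ports and destination ports, and leaves the allow or drop decision to a policy list. The hyphenated low-high range syntax, the first-match policy order, the default drop action and all names are assumptions of this example.

```python
# Added illustration; not the firewall's own code. The "low-high" range
# syntax and every name below are assumptions made for this example.
from dataclasses import dataclass

def parse_ports(spec):
    """Parse comma-separated ports/ranges into a list of (low, high) tuples."""
    ranges = []
    for item in spec.split(","):
        item = item.strip()
        if not item:
            raise ValueError(f"empty entry in port list {spec!r}")
        low, sep, high = item.partition("-")
        lo, hi = int(low), int(high if sep else low)
        if not (0 <= lo <= hi <= 65535):
            raise ValueError(f"invalid port range {item!r}")
        ranges.append((lo, hi))
    return ranges

@dataclass(frozen=True)
class Service:
    name: str
    protocols: frozenset   # subset of {"tcp", "udp"}
    src_ports: tuple
    dst_ports: tuple

    def matches(self, proto, sport, dport):
        """Filter only: identifies the traffic, carries no allow/deny action."""
        def hit(port, ranges):
            return any(lo <= port <= hi for lo, hi in ranges)
        return (proto in self.protocols
                and hit(sport, self.src_ports)
                and hit(dport, self.dst_ports))

def make_service(name, protocols, src_spec, dst_spec):
    protos = frozenset(p.lower() for p in protocols)
    if not protos or not protos <= {"tcp", "udp"}:
        raise ValueError("protocol must be TCP, UDP or both")
    return Service(name, protos,
                   tuple(parse_ports(src_spec)), tuple(parse_ports(dst_spec)))

def decide(policies, proto, sport, dport, default="drop"):
    """The policy supplies the action; first matching policy wins (assumed)."""
    for service, action in policies:
        if service.matches(proto, sport, dport):
            return action
    return default

# Constructed sample: http as TCP destination port 80, any source port.
HTTP = make_service("http", ["tcp"], "0-65535", "80")
POLICIES = [(HTTP, "allow")]
```

Defining HTTP changes nothing on its own: with an empty policy list the same packet still falls through to the default action.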