All network connections on your computer are monitored by Firewall. Firewall assigns a specific status to each connection and applies various rules for filtering of network activity depending on that status, thus, it allows or blocks a network activity. Firewall works based on rules of two types: packet rules and rules for applications.
Packet rules have a higher priority compared to the application rules. If both packet rules and application rules are applied to the same type of network activity, this network activity will be processed using the batch rules. Packet rules are used in order to restrict packets transfering regardless applications.
You can specify an action performed by Firewall if it detects the network activity:
- By application rules. The packet rule is not used, but the rule for the application is used.
The Allow or Block rules can be logged. In order to do this, check the Log events box.
If you want to create a packet rule you need to set network service in the Name field. Network service contains types of network activities, which are restricted according to a network rule. You can select the type of network activity or type a new service manually.
You can specify the Protocol which will be used to monitor network activity. Firewall restricts connections via TCP, UDP, ICMP, ICMPv6, IGMP and GRE protocols. If you selected ICMP or ICMPv6 protocol, then you can specify a type and a code of a ICMP packet.
By default the Protocol box is clear.
Also you can specify the Direction monitored network activity. Firewall controls connections with the following directions:
Inbound. The rule is for data packets received by your computer
Inbound (stream). The rule is for network connections created from another computer.
Inbound / Outbound. The rule is for inbound and outbound data packets and data streams regardless the direction.
Outbound. The rule is for data packets sent from your computer.
Outbound (stream). The rule is only for network connections created by your computer.
Remote and Local ports. You can specify ports which are used by your and remote computers for TCP and UDP protocols. These ports will be controlled by Firewall.
For TCP and UDP protocols, you can specify Remote and Local ports.
You can also specify network addresses. You can use an IP address as the network address or specify the network status. In the latter case the addresses will be copied from all networks that are connected and have the specified status at the moment.
You can select one of the following addresses types:
Remote address. Select the required group of remote addresses. If there are no required groups, then you can create a new group. To do so, click the Add link and specify the addresses from the group in the IP address or DNS name window.
In order to create packet rule, perform the following actions:
in the left part of the main application window, go to the Protection Center tab
in the right upper corner click Settings
in the left part of the Settings window, select Firewall
make sure that the Firewall component is enabled (the Enable Firewall box is checked)
in the right part of the Settings window, click the Settings... button
in the Firewall window, go to the Packet rules tab
click the Add button
in the Network rule window in the Action section select:
By application rules
in the Name section select the service from the list or type the name manually
check the Protocol box and select the required protocol type
specify the Direction of monitored network activity
in the Remote ports and Local ports sections specify the required ports which will be monitored
in the Address section select the required addresses type:
Subnetwork addresses. Select the network status: Trusted networks, Local networks, Public networks
Addresses from the list. You can specify Remote and Local addresses. Select one of the address groups. If there are no address groups you want to add, you can create a new group.To do so, click the Add link and specify the addresses from the group in the IP address or DNS name window
check the Log events, boxif you want to log actions performed according to the rule
after the finish to create the packet rule, click the OK button in the Network rule window
the created rule appears in the list of packet rules
click the OK button in the Firewall window
in the Settings window click the OK button
close the main application window.