You can manually add a network packet rule.
You can add only one network packet rule at a time.
To add a network packet rule, execute the following command:
kesl-control -F --add-rule --name <rule name> --action <action> --protocol <protocol> --direction <direction> --remote <remote address> --local <local address> --at <index in a list of network packet rules>
A section containing new network packet rule settings is added to the Firewall Management task configuration file. If you did not specify a certain setting in the command, the default value is set.
The --at setting lets you specify the index of the created rule in the list of network packet rules. If the --at setting is not specified or its value is larger than the number of rules in the list, the new rule is added to the end of the list.
Examples: To create a rule that blocks all incoming and established connections to TCP port 23, execute the following command:
To create a rule that blocks incoming and established connections via the TCP port 23 for the Public network zone, execute the following command:
|