Configuring a list of network packet rules in the command line

To add a network packet rule, execute the following command:

kesl-control --add-rule [--name <rule name>] [--action <action>] [--protocol <protocol>] [--direction <direction>] [--remote <remote address>[:<port range>]] [--local <local address>[:<port range>]] [--at <index>]

where:

Parameters that you do not specify values for in the command are set to their default values.

Examples:

To create a rule that blocks all incoming and established connections to TCP port 23, execute the following command:

kesl-control --add-rule --name Block_Telnet --action Block --direction in --protocol TCP --local any:23 --remote any

To create a rule that blocks incoming and established connections via the TCP port 23 for the Public network zone, execute the following command:

kesl-control --add-rule --name Block_Telnet --action Block --direction in --protocol TCP --local any:23 --remote Public

To delete a network packet rule, execute one of the following commands:

where:

If the list of network packet rules contains multiple rules with an identical name or does not contain a rule with a specified name or index, an error occurs.

To change a network packet rule's execution priority, execute one of the following commands:

where:

Page top