To add a network packet rule, execute the following command:
kesl-control --add-rule [--name <rule name>] [--action <action>] [--protocol <protocol>] [--direction <direction>] [--remote <remote address>[:<port range>]] [--local <local address>[:<port range>]] [--at <index>]
where:
--name <rule name> is the name of the network packet rule.--action <action> is the action to be performed on connections specified in network packet rule.--protocol <protocol> is the type of data transfer protocol for which you want to monitor network activity.--direction <direction> is the direction of the monitored network activity.--remote <remote address[:<port range>]> is the network address of the remote device. You can specify the name of a predefined network zone as the remote address.--local <local address[:<port range>]> is the network address of the device with Kaspersky Endpoint Security installed.--at <index> is the index of rules in the list of network packet rules. If the --at key is not specified or its value is larger than the number of rules in the list, the new rule is added to the end of the list.Parameters that you do not specify values for in the command are set to their default values.
Examples: To create a rule that blocks all incoming and established connections to TCP port 23, execute the following command:
To create a rule that blocks incoming and established connections via the TCP port 23 for the Public network zone, execute the following command:
|
To delete a network packet rule, execute one of the following commands:
kesl-control --del-rule --name <rule name>kesl-control --del-rule --index <index>where:
--name <rule name> is the name of the network packet rule.--index <index> is the current index of rules in the list of network packet rules.If the list of network packet rules contains multiple rules with an identical name or does not contain a rule with a specified name or index, an error occurs.
To change a network packet rule's execution priority, execute one of the following commands:
kesl-control --move-rule --name <rule name> --at <index>kesl-control --move-rule --index <index> --at <index>where:
--name <rule name> is the name of the network packet rule.--index <index> is the current index of rules in the list of network packet rules.--at <index> is the new index of rules in the list of network packet rules.