Adding a network packet rule

January 20, 2022

ID 161956

You can manually add a network packet rule.

You can add only one network packet rule at a time.

To add a network packet rule, execute the following command:

kesl-control -F --add-rule --name <rule name> --action <action> --protocol <protocol> --direction <direction> --remote <remote address> --local <local address> --at <index in a list of network packet rules>

A section containing the new network packet rule settings is added to the Firewall Management task configuration file. If you omit a parameter from the command, its default value is used.

The --at option lets you specify the index of the rule being created in the list of network packet rules. If the --at option is not specified, or its value is larger than the number of rules in the list, the new rule is added to the end of the list.

Examples:

To create a rule that blocks all incoming and established connections to TCP port 23, execute the following command:

kesl-control --add-rule --name Block_Telnet --action Block --direction in --protocol TCP --local any:23 --remote any

To create a rule that blocks incoming and established connections to TCP port 23 for the Public network zone, execute the following command:

kesl-control --add-rule --name Block_Telnet --action Block --direction in --protocol TCP --local any:23 --remote Public
