Support

Support for business applications

Kaspersky Embedded Systems Security for Linux

Firewall Management task (Firewall_Management, ID:12)

About dynamic rules

Kaspersky Embedded Systems Security for Linux
Online Help
FAQ Download Forum Contact support Recovery tools

About dynamic rules

February 15, 2024

ID 198001

Kaspersky Embedded Systems Security allows dynamic rules to be added to, or deleted from, the firewall to ensure the application works properly. For example, Network Agent adds dynamic rules that allow connections to Kaspersky Security Center initiated by the application or by Kaspersky Security Center. The rules of the Anti-Cryptor are also dynamic.

Kaspersky Embedded Systems Security does not control dynamic rules and does not block application components' access to network resources. Dynamic rules do not depend on Firewall Management status (started/stopped) or on changes in the Firewall Management settings. The execution priority of dynamic rules is higher than the priority of network packet rules. The application restores a set of dynamic rules if any of them are deleted, for example, by using the iptables utility.

You can view the set of dynamic rules (using the kess-control -F --query command); however the dynamic rules settings cannot be modified.

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.