Firewall allows exporting network packet rules in XML format. Then you can modify the file to, for example, add a large number of rules of the same type.
The XML file contains two main nodes: Rules and Resources. The Rules node lists network packet rules. This node contains rules configured by default (predefined rules) as well as rules added by the user (custom rules).
Network packet rule markup
```xml
<key name="0000">
  <tDWORD name="RuleId">100</tDWORD>
  <tDWORD name="RuleState">1</tDWORD>
  <tDWORD name="RuleTypeId">4</tDWORD>
  <tQWORD name="AppIdEx">0</tQWORD>
  <tDWORD name="ResIdEx">812</tDWORD>
  <tDWORD name="ResIdEx2">0</tDWORD>
  <tDWORD name="AccessFlag">2</tDWORD>
</key>
```
Network packet rule settings in XML format
| Parameter | Description | Value |
|---|---|---|
| key name | Priority of the rule. The lower the value, the higher the priority. | Integer. The priority value must consist of 4 digits. The nodes in the XML file must be arranged by priority value, starting with |
| RuleId | ID of the rule. | |
| RuleState | Status of the rule. | |
| RuleTypeId | ID of the rule type. | |
| AppIdEx | ID of the application to which the network packet rule belongs. | If the rule does not belong to any application, the value is |
| ResIdEx | Main ID of the resource with rule settings. You can use this identifier to locate a block with rule settings in the | Integer |
| ResIdEx2 | ID of the network type. | |
| AccessFlag | Value of the Action parameter. | |
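A pre-import check for the priority and field requirements listed above, as an added example that is not part of the product documentation. It assumes the rule entries sit directly under a `<key name="Rules">` wrapper (the page does not show the enclosing element); the helper names and sample values are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Field name -> element type, taken from the rule markup shown above.
FIELDS = {"RuleId": "tDWORD", "RuleState": "tDWORD", "RuleTypeId": "tDWORD",
          "AppIdEx": "tQWORD", "ResIdEx": "tDWORD", "ResIdEx2": "tDWORD",
          "AccessFlag": "tDWORD"}

def make_entry(priority, **values):
    """Build one constructed rule entry; fields not given default to 0."""
    body = "".join(f'<{tag} name="{name}">{values.get(name, 0)}</{tag}>'
                   for name, tag in FIELDS.items())
    return f'<key name="{priority}">{body}</key>'

# Constructed sample. The <key name="Rules"> wrapper is an assumption about how
# the node appears in the file. "0001" is misplaced and "12" is malformed.
COMMON = dict(RuleId=100, RuleState=1, RuleTypeId=4, AccessFlag=2)
SAMPLE = '<key name="Rules">' + "".join([
    make_entry("0000", ResIdEx=812, **COMMON),
    make_entry("0002", ResIdEx=813, **COMMON),
    make_entry("0001", ResIdEx=814, **COMMON),
    make_entry("12", ResIdEx=815, **COMMON),
]) + "</key>"

def lint_rules(xml_text):
    """Return (priority, problem) pairs for the entries of a Rules node."""
    problems, previous = [], None
    for entry in ET.fromstring(xml_text).findall("key"):
        priority = entry.get("name", "")
        if not re.fullmatch(r"[0-9]{4}", priority):
            problems.append((priority, "priority is not exactly 4 digits"))
            continue
        # Equal-length digit strings compare like numbers; duplicates are
        # flagged too, which is a choice of this example.
        if previous is not None and priority <= previous:
            problems.append((priority, f"not in ascending order after {previous}"))
        previous = priority
        present = {child.get("name"): child for child in entry}
        for name, tag in FIELDS.items():
            child = present.get(name)
            text = (child.text or "").strip() if child is not None else ""
            if child is None or child.tag != tag or not re.fullmatch(r"[0-9]+", text):
                problems.append((priority, f"{name} missing, wrong type, or not an integer"))
    return problems

if __name__ == "__main__":
    for priority, problem in lint_rules(SAMPLE):
        print(f"{priority}: {problem}")
```

Running the check on a bulk-edited file before importing it catches entries that were appended out of order or with a truncated priority value.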
The Resources node contains network packet rule settings. Custom network packet rule settings are listed in the <key name="0004"> block.
Custom network packet rule markup
```xml
<key name="0026">
  <key name="Data">
    <key name="RemotePorts"> </key>
    <key name="LocalPorts"> </key>
    <key name="AdapterBindings">
      <key name="0000">
        <key name="IpAddresses">
          <key name="0000">
            <key name="IP">
              <key name="V6">
                <tQWORD name="Hi">0</tQWORD>
                <tQWORD name="Lo">0</tQWORD>
                <tDWORD name="Zone">0</tDWORD>
                <tSTRING name="ZoneStr"/>
              </key>
              <tBYTE name="Version">4</tBYTE>
              <tDWORD name="V4">16909060</tDWORD>
              <tBYTE name="Mask">32</tBYTE>
            </key>
            <key name="AddressIP"> </key>
            <tSTRING name="Address"/>
          </key>
        </key>
        <key name="MacAddresses">
          <key name="0000">
            <tDWORD name="Type">0</tDWORD>
            <tQWORD name="AddressData0">1108152157446</tQWORD>
            <tQWORD name="AddressData1">0</tQWORD>
          </key>
        </key>
        <tSTRING name="AdapterName">ADAPTER TEST 123</tSTRING>
        <tDWORD name="InterfaceType">3</tDWORD>
      </key>
    </key>
    <tTYPE_ID name="unique">3213697024</tTYPE_ID>
    <tBYTE name="Proto">2</tBYTE>
    <tBYTE name="Direction">2</tBYTE>
    <tBYTE name="IcmpType">0</tBYTE>
    <tBYTE name="IcmpCode">0</tBYTE>
    <tDWORD name="Flags">1</tDWORD>
    <tBYTE name="TTL">255</tBYTE>
  </key>
  <key name="Childs"> </key>
  <tDWORD name="Id">1073747214</tDWORD>
  <tDWORD name="ParentID">7</tDWORD>
  <tDWORD name="Flags">38</tDWORD>
  <tSTRING name="Name">TEST1</tSTRING>
</key>
```
Custom network packet rule settings
| Parameter | Description | Value |
|---|---|---|
| key name | ID of the parameter block. | Integer |
| RemotePorts | Value of the Remote ports parameter. | List of remote port ranges. |
| LocalPorts | Value of the Local ports parameter. | List of local port ranges. |
| AdapterBindings | Value of the Network adapters parameter. | |
| unique | Internal ID of the structure. | Integer. It is recommended to leave this parameter unchanged. |
| Proto | Value of the Protocol parameter. | |
| Direction | Value of the Direction parameter. | |
| IcmpType | Value of the ICMP type parameter. | |
| IcmpCode | Value of the ICMP code parameter. | |
| Flags (inside Data) | Structure attribute pointer. | Integer. It is recommended to leave this parameter unchanged. |
| TTL | Value of the Time to live (TTL) parameter. | Value in seconds. If disabled, the value is |
| Id | Main ID of the resource (see the | Integer |
| ParentID | ID of the parent group. | Integer. It is recommended to leave this parameter unchanged. |
| Flags | Status of the rule. | |
| Name | Name of the network packet rule. | String |