Firewall rules Page
Use this page to control the flow of traffic through the Smoothwall Firewall, and among network zones, by managing security rules.
Navigation: NETWORK > Firewall > Firewall rules.
| Firewall rules | |||||||
|---|---|---|---|---|---|---|---|
| Add section | Opens the Add section dialog box. | ||||||
| Expand all | Expands the view to show all the rules under each of the sections. | ||||||
| Collapse all | Collapses the view so that you hide all the rules under the sections. | ||||||
| Name | A meaningful Name for the rule. If logging is to be turned on for this rule, the rule name is included in log entries. From the Smoothwall Firewall log viewer, you can click the rule name to return to this page. | ||||||
| Source IPs | The Source IP addresses relevant for this rule. To apply this rule to all IP addresses, use Inbound interfaces instead. Use either the Search facility at the top of the box or use the scroll bar to find the relevant address objects or object groups. A combination of both can be used in a rule. You can also exclude the source IP address. Typically, you use this when including an IP address subnet, but have one or two addresses within that subnet where the rule doesn't apply. If no IP addresses are selected for this rule, Any is shown in the Firewall rules table, meaning all IP addresses are processed. | ||||||
| Inbound interfaces | The relevant Inbound interfaces network traffic arrives at. Use this option instead of Source IP addresses to apply this rule to all traffic using these interfaces. If no interfaces are selected for this rule, Any is shown in the Firewall rules table, meaning all interfaces are used for this rule. | ||||||
| Destination IPs | The Destination IP addresses this rule forwards traffic to. To apply this rule to all IP addresses, use Outbound interfaces instead. You can also exclude the destination IPs. Typically, you use this when including an IP address subnet, but have one or two addresses within that subnet where the rule doesn't apply. If no IP addresses are selected for this rule, Any is shown in the Firewall rules table, meaning all IP addresses are processed. | ||||||
| Outbound interfaces | The relevant Outbound interfaces network traffic is routed out through. Use this option instead of Destination IP addresses to apply this rule to all traffic destined to these interfaces. If no interfaces are selected for this rule, Any is shown in the Firewall rules table, meaning all interfaces are used for this rule. | ||||||
| Services | The Services relevant for this rule. Leave blank to include all services. Any service objects and object groups created here are also made available for use in future rules, or existing rule amendments. If no services are selected for this rule, Any is shown under Services in the Firewall rules table, meaning all services received are processed. | ||||||
| Apps | Those Applications (Apps) that, when detected, have their network traffic blocked. You can't create an Accept rule that allows access to specific applications. All applications are allowed through by default. | ||||||
| Groups | The groups for which the rule applies. Group members are identified by their IP address. A user doesn't need to be logged into be considered a member of a group; traffic from those IP addresses is assumed to be from those group members. You can create rules for traffic that ORIGINATES from groups. You can't create rules that allow traffic TO user groups. If no groups are selected for this rule, Any is shown under Groups in the Firewall rules table. | ||||||
| Action |
The action that you want the rule to undertake and that the Smoothwall Firewall performs for this traffic:
|
||||||
| Log | Indicates if the rule logs matching network connections to the Smoothwall Firewall log. | ||||||
| Enabled | Indicates if the rule is turned on. | ||||||