Irbis Firewall is a firewall application developed for using on
Microsoft Windows 2000, Windows XP and Windows ME operating systems.
The primary function of Irbis Firewall is filtration of the IP-packets
based on the network-level fields of packets, such as source and
destination addresses, source and destination ports, ICMP messages
types and codes. Irbis Firewall doesn't filter packets on the
application-level for not to decrease Windows functioning safety
by installing necessary drivers.
Irbis Firewall distributive package contains four programs::
- Irbis Firewall filter and management application (Irbis.exe),
which allows you to configure Irbis Firewall easily and monitor its
work. This application can also work as a packet filter if service
application is not active
- The service application (IrbisSVC.exe), which works in the
service (background) mode when the Service mode is on
- Irbis Firewall Irbis Firewall Log Export application
(LogExport.exe) for exporting Irbis Firewall log files from
the internal format to text files
- Irbis Firewall Log Viewer (ILogMon.exe), which allows
you monitoring Irbis Firewall log files without running the
control application.
After startup Irbis Firewall automatically starts
the process of packet filtration. The filtration is applied to all the
packets sent or received through any IP-interface. Irbis Firewall also
tracks activation and deactivation of interfaces, and applies separate
filtering rules to each active interface. This technology makes
Irbis Firewall protection very flexible and allows you to customize
the network activity of your computer.
Binding is a process which associates
input and output filtering rulesets with an active IP-interface.
While binding rulesets to interfaces, Irbis Firewall uses the
binding table, which defines rulesets applied to the IP-interface.
Binding table is created automatically if you use one of the
standard security levels selected on the
Security panel of the
Configuration Dialog. If you use
your own configuration, you can define
your own binding table.
The required binding is selected according
to the following principles: bindings are searched in order of
increasing the net size defined by the Network mask
value, i.e. bindings for a smaller subnet are of more priority.
If required binding is not found in the table, the
default binding is used.
Filters (also called as Rulesets) are sets of rules
(see Rulesets Configuration Panel
for details). These sets describe the packets that should be accepted or
rejected. While creating rules, you may use Areas (areas are sets of
IP-addresses, see Areas Configuration Panel
for details). Areas allows you to group any set of hosts so you can use them
as a single address.
Irbis Firewall also supports special addresses. These addresses
are evaluated only when ruleset that contains such special address is
bound to IP-interface. Here is a list of such addresses:
- local - IP-address of interface itself
- local net - IP-address of subnet that interface belongs to
- subnet broadcast - broadcast address of subnet that interface belongs to
- nameservers - all DNS servers
- broadcast - all-broadcast address 255.255.255.255
- any - any IP-address (0.0.0.0/0.0.0.0)
The last two special addresses always have the same value, and were
designed to improve IPv6 support in future releases
Additional capabilities
Irbis Firewall has an embedded HTTP proxy server.
This server is not enabled by default, so you have to use the
Proxy Server Configuration dialog to enable it.
A proxy-server supports CONNECT, GET, HEAD and POST methods, and allows you
to control access with the following conditions:
- Client computer IP-address
- Server address
- Part of server address
- Requested document name
- Part of requested document name
- Request method
|