See also: Irbis Firewall Configuration Dialog, Custom Security Level Configuration Dialog
The Rulesets Configuration Panel allows you to manage rulesets that are used while filtering incoming and outgoing IP packets through the IP interfaces on your computer. Each ruleset has a default policy and a set of exception rules.
When the default policy is Permit packets, any packet accepted by a rule is processed as that rule specifies, and a packet accepted by none of the rules is allowed to be sent or received. When the default policy is Drop packets, any packet accepted by a rule is processed as that rule specifies, and a packet accepted by none of the rules is rejected (destroyed).
By default, if the policy is Drop packets, all dropped packets are logged. But if you don't need log files, you can select
Create ruleset
Calls the ruleset creation wizard for creating a new ruleset
Rename ruleset
Allows you to rename the selected ruleset
Delete ruleset
Removes the selected ruleset
Move up
Moves the selected rule to the beginning of the rules list
Move down
Moves the selected rule to the end of the rules list
Add rule
Adds a new exception rule to the selected ruleset
Edit rule
Shows the selected rule's properties dialog
Input template ...
Adds a new exception rule to the selected ruleset using input rules templates
Output template ...
Adds a new exception rule to the selected ruleset using output rules templates
Delete rule
Removes the exception rule from the selected ruleset
Default policy
Allows you to change the default policy for the selected ruleset
Logging option
Enables or disables logging of packets that do not comply with any of the exception rules and were processed in accordance with the default policy
Exception-rule table columns
Protocol
Protocol declared in the packet header
Source
The IP address of the packet sender, and the source port number(s) if the protocol is UDP or TCP. The IP address may be a subnet address or a special address. There are some kinds of special addresses:
Destination
The IP address of the packet destination, and the port number(s) if the protocol is TCP or UDP. This IP address can be a special address
Action
Describes the action that should be applied to packets that comply with this rule. There are two kinds of action: drop means that the packet will be dropped, and pass means that the packet should be passed and processed by the operating system or application
Log
Tells Irbis Firewall whether or not to log this packet. If you set the Log option in a rule, all packets that comply with this rule will be logged in any case. This feature allows you to log passed and denied packets and gives you advanced logging control (new to Irbis Firewall version 1.3.3)
Alert
Tells Irbis Firewall not to alert you if such a packet is found and logged. By default, Irbis Firewall shows notification windows if it detects a packet that should be logged
Options
Advanced options for the rule. It can contain an ICMP type and code description, or packet TCP flags. Two flags are currently supported; they are called established and connect request. Established means that a packet is accepted by this rule only if it does not have the SYN flag set; connection request means any set of TCP flags
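
The default policy, exception rules, Log column and established option described above can be modelled in a few lines of Python. This is an added example, not Irbis Firewall's own code; the class and function names, the sample addresses and the first-match evaluation order are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Rule:
    protocol: str                # Protocol column: "tcp", "udp" or "icmp"
    source: str                  # Source column, as a subnet in CIDR form
    destination: str             # Destination column, same form
    action: str                  # Action column: "pass" or "drop"
    dst_ports: range = None      # destination ports, TCP/UDP only
    established: bool = False    # Options column: packet has no SYN flag set
    log: bool = False            # Log column

    def matches(self, pkt):
        if pkt["protocol"] != self.protocol:
            return False
        if (ip_address(pkt["src"]) not in ip_network(self.source)
                or ip_address(pkt["dst"]) not in ip_network(self.destination)):
            return False
        if self.dst_ports is not None and pkt.get("dport") not in self.dst_ports:
            return False
        if self.established and "SYN" in pkt.get("flags", ()):
            return False
        return True

@dataclass
class Ruleset:
    default_policy: str          # "pass" (Permit packets) or "drop" (Drop packets)
    log_default: bool = True     # Logging option for default-policy packets
    rules: list = field(default_factory=list)

    def evaluate(self, pkt):
        # Assumption: rules are checked in list order and the first match wins.
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action, rule.log
        return self.default_policy, self.log_default

# Constructed sample: inbound ruleset for a host at 192.0.2.10.
INBOUND = Ruleset("drop", rules=[
    Rule("tcp", "0.0.0.0/0", "192.0.2.10/32", "pass", range(443, 444)),
    Rule("tcp", "0.0.0.0/0", "192.0.2.10/32", "pass", established=True),
    Rule("icmp", "198.51.100.0/24", "192.0.2.10/32", "drop", log=True),
])

def verdict(protocol, src, dport=None, flags=()):
    """Return (action, logged) for a constructed inbound packet."""
    pkt = {"protocol": protocol, "src": src, "dst": "192.0.2.10",
           "dport": dport, "flags": flags}
    return INBOUND.evaluate(pkt)
```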