Irbis Firewall: Your personal firewall software for Windows XP/2000

Custom Security Level Configuration Dialog - Rulesets

See also: Irbis Firewall Configuration Dialog > Custom Security Level Configuration Dialog

The Rulesets Configuration Panel allows you to manage rulesets that are used while filtering incoming and outgoing IP packets through the IP interfaces on your computer. Each ruleset has a default policy and a set of exception rules.

When the default policy is Permit packets, a packet that matches an exception rule is processed as that rule specifies, and a packet that matches none of the rules is allowed to be sent or received. When the default policy is Drop packets, a packet that matches an exception rule is processed as that rule specifies, and a packet that matches none of the rules is rejected (destroyed).

By default, if the policy is Drop packets, all dropped packets are logged. If you don't need log files, you can select Don't log packets as the Logging option. The strongly recommended combination is:

  • Don't log packets if policy is permit packets
  • Log packets if policy is drop packets

Create ruleset
Calls the ruleset creation wizard for creating a new ruleset

Rename ruleset
Allows you to rename the selected ruleset

Delete ruleset
Removes the selected ruleset

Move up
Moves the selected rule to the beginning of the rules list

Move down
Moves the selected rule to the end of the rules list

Add rule
Adds a new exception rule to the selected ruleset

Edit rule
Shows the selected rule's properties dialog

Input template ...
Adds a new exception rule to the selected ruleset using input rules templates

Output template ...
Adds a new exception rule to the selected ruleset using output rules templates

Delete rule
Removes the exception rule from the selected ruleset

Default policy
Allows you to change the default policy for the selected ruleset

Logging option
Enables or disables logging of packets that do not match any of the exception rules and were processed in accordance with the default policy

Exception-rule table columns

    Protocol
    Protocol declared in the packet header

    Source
    The IP address of the packet sender, and the source port number(s) if the protocol is UDP or TCP. The IP address may be a subnet address or a special address. The special addresses are:

    • local - your computer's IP address
    • local net - the address of the subnet your computer is connected to
    • any - any IP address
    • broadcast - broadcast address 255.255.255.255
    • net broadcast - broadcast address of the subnet your computer is connected to
    • area - link to the user-defined set of hosts (area). See Areas Configuration Panel for details

    Destination
    The IP address of the packet destination, and the port number(s) if the protocol is TCP or UDP. This IP address can be a special address

    Action
    Describes the action applied to packets that match this rule. There are two kinds of action: drop means that the packet will be dropped, and pass means that the packet will be passed on and processed by the operating system or application

    Log
    Tells Irbis Firewall whether or not to log this packet. If you set the Log option in a rule, all packets that match this rule will be logged in any case. This feature allows you to log both passed and denied packets and gives you advanced logging control (new in Irbis Firewall version 1.3.3)

    Alert
    Tells Irbis Firewall not to alert you when such a packet is found and logged. By default, Irbis Firewall shows a notification window when it detects a packet that should be logged

    Options
    Advanced options for the rule. It can contain an ICMP type and code description, or packet TCP flags. Two flags are currently supported: established and connect request. Established means that a packet is accepted by this rule only if it does not have the SYN flag set; connect request means any set of TCP flags
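
The following added example (not Irbis Firewall code) models how a ruleset's default policy, exception rules, Log column and the established option interact. The class names, the sample addresses and the first-matching-rule ordering are assumptions of this sketch; the page does not state how overlapping rules are resolved.

```python
# Added illustration: simplified model of ruleset evaluation, not Irbis Firewall code.
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

SYN = 0x02  # TCP SYN flag bit

@dataclass
class Packet:
    proto: str
    src: str
    dst: str
    dport: int = 0
    tcp_flags: int = 0

@dataclass
class Rule:
    proto: str
    src: str                   # CIDR subnet or "any"
    dst: str                   # CIDR subnet or "any"
    action: str                # "pass" or "drop"
    dport: int = 0             # 0 = any port (convention of this sketch)
    log: bool = False          # Log column
    established: bool = False  # Options column: accept only packets without SYN

    def matches(self, p: Packet) -> bool:
        if self.proto != p.proto or (self.dport and self.dport != p.dport):
            return False
        for spec, addr in ((self.src, p.src), (self.dst, p.dst)):
            if spec != "any" and ip_address(addr) not in ip_network(spec):
                return False
        return not (self.established and p.tcp_flags & SYN)

@dataclass
class Ruleset:
    default_policy: str        # "permit" or "drop"
    log_default: bool          # ruleset Logging option
    rules: list = field(default_factory=list)

    def evaluate(self, p: Packet):
        """Return (action, logged); assumes the first matching rule decides."""
        for rule in self.rules:
            if rule.matches(p):
                return rule.action, rule.log
        return ("pass" if self.default_policy == "permit" else "drop"), self.log_default

# Constructed sample: inbound ruleset using the recommended drop-and-log default.
INBOUND = Ruleset("drop", True, [
    Rule("tcp", "198.51.100.0/24", "any", "drop", log=True),
    Rule("tcp", "any", "192.0.2.10/32", "pass", established=True),
    Rule("tcp", "192.0.2.0/24", "192.0.2.10/32", "pass", dport=445),
])
```

With this ruleset, a TCP packet without SYN addressed to 192.0.2.10 is passed by the established rule, while a SYN from outside 192.0.2.0/24 matches no exception rule and is dropped and logged by the default policy.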