See also: Irbis Firewall Main Window Table of content
Irbis Firewall is a firewall application developed for using on Microsoft Windows 2000, Windows XP and Windows ME operating systems. The primary function of Irbis Firewall is filtration of the IP-packets based on the network-level fields of packets, such as source and destination addresses, source and destination ports, ICMP messages types and codes. Irbis Firewall doesn't filter packets on the application-level for not to decrease Windows functioning safety by installing necessary drivers.
Irbis Firewall distributive package contains two programs:
After startup Irbis Firewall automatically starts the process of packet filtration. The filtration is applied to all the packets sent or received through any IP-interface. Irbis Firewall also tracks activation and deactivation of interfaces, and applies separate filtering rules to each active interface. This technology makes Irbis Firewall protection very flexible and allows you to customize the network activity of your computer.
All IP packets are checked with rules. Every rule has a condition part and action part. Condition part describes the set of options like protocol, sender address, destination address, packet flags, destination and source ports and others. If packet conforms with condition part of the rule, then this packed will be processed as action part claims. Action part is a combination of the following flags: pass or drop packet, save packet into a log file or not, and notify user that packet was logged or keep silent.
Rules are joined into a groups called Rulesets. Every ruleset is a set of rules and policy (default rule that conforms with all packets). When the packet is checked by ruleset, it is checked with every rule that ruleset includes. If packet is conformed with some rule, the action this rule contains have to be used. If there was NO rule that conforms with a packet, than policy action will be used.
Your computer is connected to network by network interfaces. Network interface is a device like the network adapter or modem that established link with your Internet provider. To protect your computer, Irbis Firewall attaches two rulesets to each of network interfaces of your computer. The first ruleset is called Input ruleset, and it checks all packet that is received by this interface. The second ruleset is called Output ruleset and is used to check packets that are sending out of your computer through this interface.
Process of attaching rulesets to network interfaces is called binding. Irbis Firewall has a binding table that is used to select rulesets that will be bound to the network interface. Binding table has two parts - IP subnet address and two ruleset names, one is Input ruleset name and the second is Output ruleset name. When Irbis Firewall detects that there are unsecured network interface on your computer, it looks in the bindings table. If IP-address ofthe network interface is included into the subnet address of some binding tables' row, then rulesets whose names stored in this row will be used to control IP packets that will be sent or received through this network interface.
To ease firewall configuration on your computer, Irbis Firewall supports Security levels. Security levels was designed to be as much secured as it's possible, so we recommend that novice users use default security levels. Irbis Firewall supports also dynamic user preferences. These preferences can be easily modified by novice user to customize access control. That's important that user preferences always are more preferable than Security level rules.
Irbis Firewall has an embedded HTTP proxy server. Irbis Firewall configuration wizard allows you to configure this feature automatically with typical settings, that helps you to prevent access to unuseful and untrusted content. Proxy-server supports CONNECT, GET, HEAD and POST methods, and allows you to control access with the following conditions: