Working with Firewall rules
The Firewall operates on the basis of two types of rules:
- Packet rules. They are used for posing restrictions on packets regardless of the application. Typically, such rules restrict incoming network activity on specified TCP and UDP ports and filter ICMP messages.
- Rules for applications. They are used to set limits on network activity of a specified application. Such rules allow fine-tuning the activity filtering, for example, when a certain type of network connections is banned for some applications but is allowed for others.
Packet rules have higher priority than rules for applications. If both packet rules and rules for applications are applied to the same type of network activity, this network activity is processed using the packet rules. Besides, execution priority is assigned for each rule separately.
|