There's more...

Firewall rules are highly configurable. Here are some of the more common options:

  • Action: This determines what happens if the traffic matches the rule’s criteria. The options are as follows:

    • Pass: Let the traffic pass.
    • Block: Drop the packet silently.
    • Reject: Drop the packet, but send back either a TCP RST error (for TCP packets), or an ICMP port unreachable error (for UDP packets).
  • Disabled: Check this option to disable the rule without deleting it, which is handy when troubleshooting.
  • Interface: Traffic originating from the specified interface will be subject to the rule. The default value is whatever interface’s tab you are on when you add the rule, but you can change it to any interface you choose using the interface drop-down menu.
  • Protocol: This specifies the protocol to be matched. Usually the default of TCP is sufficient, but in some cases, we may want to match a different protocol (for example, to match ping traffic, we would use ICMP).
  • Source: This is typically left at the default value of any for incoming traffic.
  • Source port range: This is also typically left set to any.
  • Destination: This is typically the alias or IP address of the computer servicing the request.
  • Destination port range: This is typically the specific port on the computer servicing the request.
  • Log: Enable logging to record packets that match this rule. Usually this option is disabled, since logging packets that match rules is a good way to generate unreasonably large log files. Enabling logging, however, can be helpful when troubleshooting.
  • Description: You can enter a brief description that explains the purpose of the rule here.
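
To see how these options interact, here is a small model of rule evaluation. It is an added example, not pfSense code or code from the original text. The Rule and Packet types, the sample RULES (documentation addresses, constructed) and the evaluate() helper are hypothetical, and the model assumes rules are checked top-down with the first match winning and unmatched traffic being dropped.

```python
from collections import namedtuple
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

Packet = namedtuple("Packet", "interface protocol src dst dst_port")

@dataclass
class Rule:                      # fields mirror the options listed above
    action: str                  # "pass", "block" or "reject"
    interface: str
    protocol: str                # "tcp", "udp", "icmp" or "any"
    destination: str = "any"     # address, CIDR network or "any"
    dest_port: object = "any"    # (low, high) tuple or "any"
    source: str = "any"
    log: bool = False
    disabled: bool = False
    description: str = ""

def _addr_ok(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec)

def matches(rule, pkt):
    """A disabled rule never matches; every other field must agree."""
    return (not rule.disabled
            and rule.interface == pkt.interface
            and rule.protocol in ("any", pkt.protocol)
            and _addr_ok(rule.source, pkt.src)
            and _addr_ok(rule.destination, pkt.dst)
            and (rule.dest_port == "any"
                 or rule.dest_port[0] <= pkt.dst_port <= rule.dest_port[1]))

def evaluate(rules, pkt, log):
    """Return (verdict, reply sent back to the sender or None)."""
    for rule in (r for r in rules if matches(r, pkt)):
        if rule.log:             # only rules with Log enabled write entries
            log.append(f"{rule.action} {pkt.protocol} {pkt.src} -> "
                       f"{pkt.dst}:{pkt.dst_port} [{rule.description}]")
        if rule.action == "reject":   # Reject answers; Block stays silent
            reply = {"tcp": "TCP RST", "udp": "ICMP port unreachable"}
            return "reject", reply.get(pkt.protocol)
        return rule.action, None
    return "block", None         # assumed implicit default for unmatched traffic

RULES = [  # constructed sample rule set for a WAN interface
    Rule("pass", "WAN", "tcp", "192.0.2.10", (443, 443), description="HTTPS"),
    Rule("reject", "WAN", "tcp", "192.0.2.10", (22, 22), log=True, description="SSH"),
    Rule("reject", "WAN", "udp", "192.0.2.10", (53, 53), description="DNS"),
    Rule("pass", "WAN", "icmp", "192.0.2.10", disabled=True, description="ping"),
]
```

Note that the disabled ping rule stays in the list but has no effect, so ICMP to the server falls through to the default drop until the rule is enabled again.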