Service Groups

In addition to the basics services, the basic firewall application is shipped with predefined service group. One such group, for example, is common services, which consists of tcp traffic on port 0 to 3850 or port 3855 to 65535, udp traffic on all ports, syslog, dns, rpc, nfs, icmp, route, ftp, rsh, real audio, pmap udp all, nis, archie, traceroute, and ping.

To List the Services

1. Type the following to list the services:

   # fw.rule list service

   You use this command with the option list service to list the available services and with the option list interface to list the interface that the firewall application is using.

To Add a Port

1. As root, type the following to add a new port:

   # fw.rule add ALLOW port-number from host to host

This rule allows to add a new port from a remote host to a local host. if a service is not defined, tcp is the service used. If the new port is not in the services file, it is added.

For example, if you use this rule to add port 3000 from a-remote-host to ALL, a new tcp service on port 30000 is added to the service table and the i-Planet gateway would accept communication on port 30000 from a named remote host.