i-Planet Administration Guide

Rules

The configurations for the basic firewall application are based on sets of ordered rules. The default rules that are installed with the basic firewall establish a security policy that works well with i-Planet. These rules specify the action to be taken for services between two addresses that are on different interfaces of the firewall.

To List the Rules
  1. As root, type the following to list the rules:


    # fw.rule list rule
    

    The rules (in this case, the default rules) are listed in the order in which they are applied to incoming packets.


    1 ALLOW "ssl" from "le0" to "localhost"
    2 ALLOW "common services" from "localhost" to "*"
    3 ALLOW "rip" from "*" to "*"

To Add a Rule
  1. As root, type the following to add a rule:


    # fw.rule add ALLOW service from host to host
    

This command adds a rule that allows a service from a named remote host to a local host. Use the list option to see the new list of rules.

To Delete a Rule
  1. As root, type the following to delete a rule:


    # fw.rule delete 4

Rule number 4 is deleted. Use the list option to see the new list of rules.

To Move a Rule
  1. As root, type the following to move a rule:


    # fw.rule move 5 4
    

Rules 5 and 4 are reordered. Use the list option to see the new ordering.
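
Because the rule set is ordered and changes through add, delete and move, it helps to compare a saved listing with the current one. The following Python script is an added example, not part of the original guide or the product: it parses the listing format shown under "To List the Rules" and reports added, deleted and reordered rules. The changed listing and the names `example-service` and `remotehost` are constructed for illustration.

```python
import re

# One listing line: number, action, quoted service, quoted source, quoted destination.
RULE_RE = re.compile(
    r'^\s*(\d+)\s+(\S+)\s+"([^"]*)"\s+from\s+"([^"]*)"\s+to\s+"([^"]*)"\s*$')

def parse_rules(listing):
    """Return [(number, (action, service, src, dst)), ...] in listed order."""
    rules = []
    for line in listing.splitlines():
        if not line.strip():
            continue
        m = RULE_RE.match(line)
        if m is None:
            # Refuse to guess: an unparsed line could hide a rule change.
            raise ValueError("unrecognised rule line: %r" % line)
        rules.append((int(m.group(1)), m.groups()[1:]))
    return rules

def diff_rules(baseline, current):
    """Compare a saved listing with a current one."""
    old, new = parse_rules(baseline), parse_rules(current)
    old_bodies = [body for _, body in old]
    new_bodies = [body for _, body in new]
    added = [(n, b) for n, b in new if b not in old_bodies]
    deleted = [(n, b) for n, b in old if b not in new_bodies]
    # Rules present in both listings should keep their relative order.
    kept_old = [b for b in old_bodies if b in new_bodies]
    kept_new = [b for b in new_bodies if b in old_bodies]
    return {"added": added, "deleted": deleted, "reordered": kept_old != kept_new}

# Default rules as listed in this guide.
BASELINE = '''
    1 ALLOW "ssl" from "le0" to "localhost"
    2 ALLOW "common services" from "localhost" to "*"
    3 ALLOW "rip" from "*" to "*"
'''
# Constructed listing: rules 2 and 3 swapped, one rule added.
CHANGED = '''
    1 ALLOW "ssl" from "le0" to "localhost"
    2 ALLOW "rip" from "*" to "*"
    3 ALLOW "common services" from "localhost" to "*"
    4 ALLOW "example-service" from "remotehost" to "localhost"
'''

if __name__ == "__main__":
    print(diff_rules(BASELINE, CHANGED))
```

Save the listing after each approved change and rerun the comparison against it to spot rule changes that were not recorded.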