Hi, Climenole,

For internet rules, suppose I have a rule:

block port 100

then I add another rule:

allow port>99

In this case, is port 100 still blocked, or opened again by the 2nd rule?

Thanks in advance.
Hi nuser

Still blocked. As in any firewall rule set, the position of a rule is important: when a packet is examined by the firewall, it starts with the first rule in the list and continues until it finds a rule matching the packet, then applies this rule to the packet and is finished.

Each rule is the equivalent of a universal proposition in mathematical logic: criteria 1 AND criteria 2 AND criteria 3 ... and the list of rules looks like this in its primitive form:

Rule #1 Allow A
XOR
Rule #2 Block all Non-A

In a list of more than 2 primitive rules (which are developed into more specific rules) you have exactly the same thing: a rule is applied to a packet if this packet matches all the criteria of the rule; if not, the next rule is checked and the procedure continues until the FW finds a matching rule. There is ONE and ONLY ONE rule applied. And in any rule set it's mandatory to have a final rule to block all.

If you block port 100 you can't unblock it with a following rule...
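As an added illustration (not code from this thread or from any firewall product), here is a small Python model of the first-match evaluation described in the reply above, using the poster's two rules plus the mandatory final "block all" rule; the rule names, the port-only criteria and the sample ports are assumptions made for the example.

```python
# Added example: first-match evaluation of an ordered firewall rule list.
# Each rule's criteria are ANDed into one predicate; the first rule whose
# criteria all match decides the packet and evaluation stops, so exactly
# one rule applies. Rule names and port-only matching are constructed
# for illustration, not taken from any real firewall.
from dataclasses import dataclass
from typing import Callable, List


@dataclass
class Rule:
    name: str
    action: str                    # "allow" or "block"
    match: Callable[[int], bool]   # all criteria combined with AND


def first_match(rules: List[Rule], port: int) -> Rule:
    """Walk the list top to bottom and return the first matching rule."""
    for rule in rules:
        if rule.match(port):
            return rule
    # A rule set without a final catch-all leaves packets undecided,
    # which is why the reply insists on a closing "block all" rule.
    raise ValueError("no matching rule; rule set lacks a final 'block all'")


def decide(rules: List[Rule], port: int) -> str:
    """Return the action ("allow"/"block") the rule set gives a port."""
    return first_match(rules, port).action


# Constructed rule set, in the order the question gives it.
RULES = [
    Rule("block port 100", "block", lambda p: p == 100),
    Rule("allow port > 99", "allow", lambda p: p > 99),
    Rule("block all (final rule)", "block", lambda p: True),
]

# Same rules with the first two swapped: order changes the outcome.
SWAPPED = [RULES[1], RULES[0], RULES[2]]

if __name__ == "__main__":
    for port in (80, 100, 443):
        hit = first_match(RULES, port)
        print(f"port {port}: {hit.action} (matched rule: {hit.name})")
    print(f"swapped order, port 100: {decide(SWAPPED, 100)}")
```

Running it shows port 100 blocked by the first rule while 443 is allowed by the second and 80 falls through to the final block-all; with the first two rules swapped, port 100 is allowed instead.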
Hi, Climenole,

If I change the 4th column (the yellow arrow) to a dot, which means that the following rule (allow ports >99) will be matched continually, will port 100 still be blocked?