# the order of rules

Discussion in 'LnS English Forum' started by nuser, May 31, 2007.

Not open for further replies.
1. ### nuserRegistered Member

Joined:
May 31, 2007
Posts:
105
Location:
Singapore
Hi, Climenole,

For internet rules:
Suppose I have a rule: block port 100
then I add another rule: allow port>99
In this case, is port 100 still blocked or opened again by the 2nd rule?

2. ### ClimenoleLook 'n' Stop Expert

Joined:
Jun 3, 2005
Posts:
1,640
Hi nuser

Still blocked.

Like any rule set firewall the position of a rule is important:

When a packet is examinded by the firewall, it start with the first rule in the list until it find a rule matching the packet, then apply this rule to the packet and finished.

Each rule is an equivalent of a Universal proposition in mathematical logic:

criteria 1 AND criteria 2 AND criteria 3 ...

and the list of the rule looks like this in the primitive form:

Rule #1 Allow A XOR Rule #2 Block all Non-A

In a list of more than 2 primitive rules (which are developped into more specific rules) you have exactly the same things:

A rule is apply to a packet if this packet match all criteria of the rule,if not the next rule is checked and the procedure continue until the FW found a matching rule. There is ONE ad ONLY ONE rule apply. And in any rule set it's mandatory to have a final rule to block all.

If you block port 100 you can't unblock it with a following rule...

3. ### nuserRegistered Member

Joined:
May 31, 2007
Posts:
105
Location:
Singapore
Hi, Climenole,
If I change the 4th column (the yellow arrow to a dot, which means that the following rule (allow ports >99) will be matched continuely). Will port 100 still be blocked?