Kerio Tech Firewall6 User Manual
Page 80
Chapter 7
Traffic Policy
80
Use the Any button to replace all defined items with the Any item (this item is also used by
default for all new rules). Whenever at least one new service is added, the Any value removed
automatically.
Use the Remove button to remove all items defined (the Nothing value will be displayed in
the item list). Whenever at least one service is added, the Nothing value will be removed
automatically. If the Nothing value is kept in the Service column, the rule is disabled.
The Nothing value is important for removal of services (see chapter
). The Nothing value
is automatically used for the Service item of rules where a removed service has been used.
Thus, all these rules are disabled. Inserting the Nothing value manually is not meaningful
—a checking box in the Name column can be used instead.
Note: If there is a protocol inspector for a certain service in WinRoute, it is applied to all corre-
sponding traffic automatically. If desired to bypass the protocol inspector for certain traffic,
it is necessary to define this exception in the particular traffic rule. For detailed information,
see chapter
Action
Action that will be taken by WinRoute when a given packet has passed all the conditions for the
rule (the conditions are defined by the Source, Destination and Service items). The following
actions can be taken:
Figure 7.14
Traffic rule — selecting an action
•
Permit — traffic will be allowed by the firewall
•
Deny — client will be informed that access to the address or port is denied. The client
will be warned promptly, however, it is informed that the traffic is blocked by firewall.
•
Drop — all packets that fit this rule will be dropped by firewall. The client will not
be sent any notification and will consider the action as a network outage. The action
is not repeated immediately by the client (the client expects a response and tries to
connect later, etc.).