Using the Rule wizard


The rule wizard allows you to add specific rules to the relevant rule set or to modify existing rules. We recommend that users unfamiliar with firewall technology use the rule wizard rather than the advanced editing mode.

You can use the rule wizard to change one or more rules in the selected rule set. A rule is therefore always created within a rule set, which in turn contains various rules.

Depending on which rule set you have specified for the relevant network, one rule set (e.g. for untrustworthy networks) may block an application while another (e.g. for trustworthy networks) could grant it full network access. This means you can use a strategic combination of rules to restrict a browser in such a way that, for example, it can access websites available within your home network but cannot access content from the data transmission network.

The following basic rules are available in the rule wizard:

Allow or deny access to a specific application: This allows you to select a specific application (program) on your hard disk and explicitly permit or deny it access to the network governed by the rule set. Use the wizard to select the required program (program path), and then indicate under Connection direction whether the program is to be blocked for incoming connections, outgoing connections or both. This enables you, for example, to prevent your MP3 player software from forwarding data about your listening habits (outbound connections) or to ensure that program updates are not downloaded automatically (inbound connections).

Open or disable a specific Internet service (port): A port is a specific address area that automatically forwards data transferred over a network to a specified protocol and then on to specified software. For example, standard websites are transferred via port 80, while email is sent via port 25 and received via port 110. Without a firewall, all ports on your computer normally remain open, although the majority of users do not need most of them. Blocking one or more of these ports is a quick way of eliminating vulnerabilities that could be used for attacks by hackers. The wizard provides the option of blocking ports completely or for a particular application only (e.g. your MP3 player software).

Allow or deny file and printer sharing (NetBIOS): NetBIOS is a special network interface that can be used, for example, to share files or printers directly between one computer and another without using the TCP/IP protocol. It is often advisable to deny sharing for untrustworthy networks, as this is generally not necessary for home networks and NetBIOS can also be used by hackers to influence a computer.

Allow or deny domain services: A domain is a type of classification directory for computers on a network which allows the computers linked to the network to be managed centrally. Access to domain services should generally be denied in untrustworthy networks.

Enable Internet connection sharing: If your system connects directly to the Internet, you can specify whether all computers in the network should have access to the Internet via a computer connected to the Internet or not. This Internet connection sharing (ICS) can usually be enabled for a home network.

Switch to the extended edit mode: This allows you to move from the rule wizard to the advanced editing mode. For further information on the advanced editing mode, see the section entitled Using the advanced editing mode.

If you clear the Always launch the rule wizard in the future checkbox, the firewall will automatically open the advanced editing mode when you define new rules.
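
The way rule sets, connection direction and per-application port rules combine, as described above, can be modelled in a few lines. This is an added illustration, not the firewall's own code; the program paths, the network names, the first-match ordering and the deny fallback are assumptions.

```python
# Simplified model of per-network rule sets (added example, not product code).
# Assumptions: the first matching rule wins; unmatched traffic is denied.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    direction: str              # "in", "out" or "both"
    app: Optional[str] = None   # program path; None means any application
    port: Optional[int] = None  # service port; None means any port

    def matches(self, app, direction, port):
        return ((self.app is None or self.app.lower() == app.lower())
                and self.direction in ("both", direction)
                and (self.port is None or self.port == port))

# Constructed sample program paths.
BROWSER = r"C:\Program Files\Browser\browser.exe"
PLAYER = r"C:\Program Files\Player\player.exe"
MAILER = r"C:\Program Files\Mail\mail.exe"

RULE_SETS = {
    "trustworthy": [
        Rule("allow", "both", app=BROWSER),        # browser may use the LAN
        Rule("deny", "out", app=PLAYER),           # no listening data leaves
        Rule("allow", "both", port=80),            # web service open
    ],
    "untrustworthy": [
        Rule("deny", "both", app=BROWSER),         # same browser, blocked here
        Rule("deny", "both", app=PLAYER, port=25), # port closed for one program
        Rule("allow", "out", port=25),             # other programs may send mail
    ],
}

# Which rule set governs which network (constructed network names).
NETWORKS = {"Home LAN": "trustworthy", "Dial-up": "untrustworthy"}

def verdict(network, app, direction, port):
    """Decide one connection attempt using the rule set of its network."""
    for rule in RULE_SETS[NETWORKS[network]]:
        if rule.matches(app, direction, port):
            return rule.action
    return "deny"  # assumed fallback when no rule matches

def compare(app, direction, port):
    """Show how the same connection fares on every configured network."""
    return {net: verdict(net, app, direction, port) for net in NETWORKS}

if __name__ == "__main__":
    print(compare(BROWSER, "out", 80))
```

Because the model stops at the first match, moving the general port 80 rule above the player rule in the trustworthy set would let the player's outbound traffic through.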