ESET Online Help

Search English
Select the topic

Adding or editing Firewall rules

Editing or adding Firewall rules may be required when the network settings change (for example, the network address or port number for the remote side changed) to ensure the correct operation of an application affected by a rule.


note

The following ESET Knowledgebase articles may only be available in English:

The upper part of the window contains three tabs:

  • General—Specify a rule name, the direction of the connection, the action (Allow, Deny, Ask), the protocol and the profile to which the rule will apply.
  • Local—Displays information about the local side of the connection, including the number of the local port or port range and the name of the communicating application. You can add a pre-defined or created zone with a range of IP addresses here by clicking Add.
  • Remote—This tab contains information about the remote port (port range). It allows you to define a list of remote IP addresses or zones for a given rule. You can add a pre-defined or created zone with a range of IP addresses here by clicking Add.

When creating a new rule, you must type a name for the rule in the Name field. Select the direction for the rule from the Direction drop-down menu and the action to be executed when a communication meets the rule from the Action drop-down menu.

Protocol represents the transfer protocol used for the rule. Select which protocol to use for a given rule from the drop-down menu.

ICMP Type/Code represents an ICMP message identified by a number (for example, 0 represents "Echo Reply").

All rules are enabled for Any profile by default. Alternatively, select a custom firewall profile using the Profiles drop-down menu.

If you enable Logging severity, the activity connected with the rule will be recorded in a log. Notify user displays a notification when the rule is applied.

DIALOG_EPFW_RULE_CREATE_GENERAL


note

Firewall logs with action Deny and logging severity Warning can be collected by ESET PROTECT.


example

In this example, we create a new rule to allow the Firefox web browser application to access the internet / local network websites:

  1. In the General tab, enable outgoing communication via the TCP and UDP protocol.
  2. Click the Local tab.
  3. Select the file path of the web browser you use by clicking ... (for example, C:\Program Files\Firefox\Firefox.exe). Do NOT type the name of the application.
  4. In the Remote tab, enable port numbers 80 and 443 if you want to allow standard internet browsing.

note

Pre-defined rules can be modified in a limited way.