Configuring Firewall Expert Rules

Updated May 02, 2021 20:33

To add custom firewall protection to your PC, you can configure Firewall Expert Rules:

  Source - traffic source
  Destination - traffic destination
  Protocol - transport layer protocol
  Time - days and times
  Action - allow or block
  Rank - the priority order in the list of all expert rules

Expert Rules can be configured for specific groups based on:

  Host names and IP addresses
  Protocols and port numbers
  Days and times of access

If a group changes, all the expert rules that use it are automatically updated.

To get to Expert Rules and Expert Group configuration:

  1. Click in the ANTIVIRUS & FIREWALL panel of the ZoneAlarm software client.
  2. Click Settings in the Advanced Firewall section.
  3. Click Advanced Settings. The Firewall Settings window opens and shows the Advanced settings.
  4. From the navigation tree, select Expert Rules.
  5. After you configure Expert Rules and Expert Groups as necessary, click OK.

Adding Expert Rules

To add an Expert Rule:

  1. In the Expert Rules configuration screen, click Add. The Add Expert Rule window opens.
  2. Select the Rank.
  3. Enter a Name and Comments (optional).
  4. Make sure the State is Enabled.
     Note: you can change the State to Disabled at any time for testing or troubleshooting purposes.
  5. Select an Action:
       Allow - to allow the traffic that matches the rule criteria.
       Block - to block the traffic that matches the rule criteria.
  6. Add criteria to the rule:
       Source, Destination - click Modify > Add Location > [location option]:
         My Computer - this PC.
         Trusted Zone - computers and networks in the Trusted Zone ("Managing Basic Firewall Security Zone Settings")
         Public Zone - computers and networks in the Public zone ("Managing Basic Firewall Security Zone Settings")
         Any - any source/destination location, without restrictions (default)
         Host/Site - add a Description and a Host name, then click Lookup, and OK
         IP Address - add a Description and an IP Address, then click OK
         IP Range - add a Description, the first IP Address of a range and the last one, then click OK
         Subnet - add a Description, an IP Address and a Subnet Mask, then click OK
         Gateway - add a Description, an IP Address and a MAC Address, then click OK
         New Group - see how to add Location Expert Groups
         Existing Group - select groups from the list, then click OK.
       Protocol - click Modify > Add Protocol > [option]:
         Add Protocol - add a Description, select a Protocol, a Destination Port and a Source Port, then click OK
         New Group - see how to add Protocol Expert Groups
         Existing Group - select groups from the list, then click OK
       Time - click Modify > Add Time > [option]:
         Day/Time Range - add a Description, select From and To values for the Time frame, Days of the week, then click OK
         New Group - see how to add Time Expert Groups
         Existing Group - select groups from the list, then click OK
  7. Click OK.

Editing or Deleting Expert Rules

To edit or to delete an expert rule:

  1. In the Expert Rules configuration screen, select an expert rule.
  2. Do one of these:
       To delete the rule - click Remove, then Yes to confirm
       To edit the rule - click Edit. The Add Expert Rule window opens. Change parameters as described in the Adding Expert Rules procedure.
  3. Click OK.

Managing Expert Groups

To manage Expert Groups:

  1. In the Expert Rules configuration screen, click Groups. The Expert Group Manager window opens.
  2. Do necessary procedures on Expert Groups:
       Add
       Remove
       Edit
  3. Click OK to save and exit.

Adding Expert Groups

You can add Expert groups based on:

  Location
  Protocols
  Times

To add a Location Expert Group:

  1. Select the Locations tab.
  2. Click Add. The Add Location Group window opens.
  3. Enter a Name and a Description (optional).
  4. Click Add.
  5. Select one of the options from the drop-down menu and enter the required parameters:
       Host/Site - enter a Description and a Host name, and click Lookup to find the IP address of the host
       IP Address - enter a Description and an IP Address
       IP Range - enter a Description, the first IP Address of the range and the last IP Address of the range
       Subnet - enter a Description, an IP Address and a Subnet Mask
       Gateway - enter a Description, an IP Address and a MAC Address of a gateway
     Note - the Description field is required.
  6. Click OK.
  7. Click OK.

To add a Protocol Expert Group:

  1. Select the Protocols tab.
  2. Click Add. The Add Protocol Group window opens.
  3. Enter a Name and a Description (optional).
  4. Click Add. The Protocol window opens.
  5. Select one of the Protocol options from the drop-down menu and enter the required parameters:
       TCP - Destination Port and Source Port by service name or port number. For example, HTTP or 80. The default is Any.
       UDP - Destination Port and Source Port by service name or port number. For example, TFTP or 69. The default is Any.
       TCP and UDP - Destination Port and Source Port by service name or port number. For example, TACACS or 49. The default is Any.
       ICMP - ICMP service by Name or Type Number. For example, Echo Request or 8.
       IGMP - IGMP service by Name or Type Number. For example, Multicast Traceroute or 31.
       Custom - any protocol by Name or Protocol Number. For example, GRE or 47.
     Note - the Description field is required.
  6. Click OK.
  7. Click OK.

To add a Time Expert Group:

  1. Select the Times tab.
  2. Click Add. The Add Time Group window opens.
  3. Enter a Name and a Description (optional).
  4. Click Add. The Day/Time Range window opens.
  5. Enter a Description.
  6. Select the From and To values for the Time. The default is Any.
  7. Select Days of the week.
  8. Click OK.
  9. Click OK.

Editing Expert Groups

To edit an Expert Group:

  1. Select the tab for the Expert Group category:
       Locations
       Protocols
       Times
  2. Select an expert group from the list.
  3. Click Edit. The corresponding Add Group window opens.
  4. Click OK.
  5. Click OK.
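
The rule model described on this page (Rank, State, Action, and Location, Protocol and Time groups), as an added Python example that is not ZoneAlarm code. It assumes the lowest Rank is checked first and the first enabled match decides; all names, addresses and rules in it are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

ANY = None  # stands for the page's default "Any" criterion

@dataclass
class Rule:  # field names follow the page; the evaluation logic is assumed
    rank: int
    name: str
    action: str           # "Allow" or "Block"
    dest: object = ANY    # Location group: list of networks
    proto: object = ANY   # Protocol group: list of (protocol, destination port)
    days: object = ANY    # Time group: set of weekdays, Monday = 0
    hours: object = ANY   # Time group: (from, to) as datetime.time
    enabled: bool = True  # the rule's State

def matches(rule, dst_ip, proto, dport, when):
    """True when every criterion that is not Any matches the connection."""
    if rule.dest is not ANY and not any(ip_address(dst_ip) in n for n in rule.dest):
        return False
    if rule.proto is not ANY and (proto, dport) not in rule.proto:
        return False
    if rule.days is not ANY and when.weekday() not in rule.days:
        return False
    if rule.hours is not ANY and not rule.hours[0] <= when.time() <= rule.hours[1]:
        return False
    return True

def evaluate(rules, dst_ip, proto, dport, when):
    """Assumed semantics: lowest Rank first, first enabled match decides."""
    for rule in sorted(rules, key=lambda r: r.rank):
        if rule.enabled and matches(rule, dst_ip, proto, dport, when):
            return rule.action, rule.name
    return None, None  # no expert rule matched this traffic

# Constructed sample groups and rules (documentation address ranges).
LAB = [ip_network("192.0.2.0/24")]  # Location group shared by both rules
WEB = [("TCP", 80), ("TCP", 443)]   # Protocol group
RULES = [
    Rule(1, "Web to lab, office hours", "Allow", dest=LAB, proto=WEB,
         days={0, 1, 2, 3, 4}, hours=(time(9, 0), time(17, 0))),
    Rule(2, "All other traffic to lab", "Block", dest=LAB),
]

if __name__ == "__main__":
    monday, sunday = datetime(2021, 5, 3, 10, 0), datetime(2021, 5, 2, 10, 0)
    print(evaluate(RULES, "192.0.2.10", "TCP", 443, monday))  # allowed by rank 1
    print(evaluate(RULES, "192.0.2.10", "TCP", 443, sunday))  # falls to rank 2
    LAB.append(ip_network("198.51.100.0/24"))  # group edit reaches both rules
    print(evaluate(RULES, "198.51.100.7", "TCP", 22, monday))
```

Under this assumption, giving the Block rule Rank 1 would make the narrower Allow rule unreachable, so rank order is worth re-checking after adding or re-ranking a rule.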