This section provides information about the settings that you can specify for the Firewall Manager task.
All available values and default values for each setting are described.
DefaultIncomingAction
The default action to perform on an inbound connection if no network rules can be applied to this kind of the connection.
Available values:
Allow
—Allow inbound connection
Block
—Block inbound connection
Default value: Allow
DefaultIncomingPacketAction
The default action to perform on an incoming packet if no network packet rules can be applied to this kind of the connection.
Available values:
Allow
—Allow incoming packet
Block
—Block incoming packet
Default value: Allow
Section [PacketRules.item_xxxx]
The [PacketRules.item_#]
sections specify network packet rules for the Firewall Manager task.
You can define several [PacketRules.item_#]
sections in a configuration file in any order. Kaspersky Endpoint Security will process scopes by an item index, in ascending order.
Each [PacketRules.item_#]
section contains the following settings:
Name
A network packet rule name.
Default value: Network rule #<n>
; where, n
is an index.
FirewallAction
Action to be performed on connections specified in this network packet rule.
Available values:
Allow
—Allow network connection
Block
—Block network connection
Default value: Allow
Protocol
Type of protocol for which network activity is to be monitored.
Available values:
Any
—The Firewall Manager monitors all network activity
TCP
UDP
ICMP
ICMPv6
IGMP
GRE
Default value: Any
RemotePorts
Port numbers of the remote computers between which the connection is to be monitored.
This setting can be specified only if the Protocol
setting value was set to TCP
or UDP
.
Integer or interval can be specified for this setting.
Available values:
Any
—All remote ports are monitored
0-65535
Default value: Any
LocalPorts
Port numbers of the local computers between which the connection is to be monitored.
This setting can be specified only if the Protocol
setting value was set to TCP
or UDP
.
Integer or interval can be specified for this setting.
Available values:
Any
—All local ports are monitored
0-65535
Default value: Any
ICMPType
ICMP packet type.
This setting can be specified only if the Protocol
setting value was set to ICMP
or ICMPv6
.
Available values:
Any
—All ICMP packet types are monitored
Integer according to a data transfer protocol specification
Default value: Any
ICMPCode
ICMP packet code.
This setting can be specified only if the Protocol
setting value was set to ICMP
or ICMPv6
.
Available values:
Any
—All ICMP packet codes are monitored
Integer according to a data transfer protocol specification
Default value: Any
Direction
Direction of the monitored network activity.
Available values:
IncomingOutgoing
—Monitor both inbound and outbound connections
Incoming
—Monitor inbound connections
Outgoing
—Monitor outbound connections
IncomingPacket
—Monitor incoming packets
OutgoingPacket
—Monitor outgoing packets
IncomingOutgoingPacket
—Monitor both incoming and outgoing connections
Default value: IncomingOutgoing
RemoteAddress
The network addresses of remote computers that can send and / or receive network packets.
Available values:
Any
—Monitor network packets sent and/or received by remote computers with any IP address
Trusted
—All Trusted networks
Local
—All Local networks
Public
—All Public networks
d.d.d.d
—IPv4 address; where, d
is a decimal number 0-255
d.d.d.d/p
—Subnet of IPv4 addresses; where, p
is a number 0-32
x:x:x:x:x:x:x:x
—IPv6 address; where, x
is a hexadecimal number 0-ffffff
x:x:x:x::0/p
—Subnet of IPv6 addresses; where, p
is a number 0-64
Default value: Any
LocalAddress
Network addresses of computers that have Kaspersky Endpoint Security installed and can send and / or receive network packets.
Available values:
Any
—Monitor network packets sent and/or received by remote computers with any IP address
d.d.d.d
—IPv4 address; where, d
is a decimal number 0-255
d.d.d.d/p
—Subnet of IPv4 addresses; where, p
is a number 0-32
x:x:x:x:x:x:x:x
—IPv6 address; where, x
is a hexadecimal number 0-ffffff
x:x:x:x::0/p
—Subnet of IPv6 addresses; where, p
is a number 0-64
Default value: Any
LogAttempts
Specify whether you want the actions of the network rule to be included in the report.
Available values:
Yes
—Report actions
No
—Do not report actions
Default value: No
Section [NetworkZonesPublic]
The [NetworkZonesPublic]
section specifies network addresses associated with Public networks.
You can specify several IP addresses or subnets of IP addresses.
Address.item_xxxx
Available values:
d.d.d.d
—IPv4 address; where, d
is a decimal number 0-255
d.d.d.d/p
—Subnet of IPv4 addresses; where, p
is a number 0-32
x:x:x:x:x:x:x:x
—IPv6 address; where, x
is a hexadecimal number 0-ffffff
x:x:x:x::0/p
—Subnet of IPv6 addresses; where, p
is a number 0-64
Default value: “”
(no network addresses in this zone)
Section [NetworkZonesLocal]
The [NetworkZonesLocal]
section specifies network addresses associated with Local networks.
You can specify several IP addresses or subnets of IP addresses.
Address.item_xxxx
Available values:
d.d.d.d
—IPv4 address; where, d
is a decimal number 0-255
d.d.d.d/p
—Subnet of IPv4 addresses; where, p
is a number 0-32
x:x:x:x:x:x:x:x
—IPv6 address; where, x
is a hexadecimal number 0-ffffff
x:x:x:x::0/p
—Subnet of IPv6 addresses; where, p
is a number 0-64
Default value: “”
(no network addresses in this zone)
Section [NetworkZonesTrusted]
The [NetworkZonesTrusted]
section specifies network addresses associated with Trusted networks.
You can specify several IP addresses or subnets of IP addresses.
Address.item_xxxx
Available values:
d.d.d.d
—IPv4 address; where, d
is a decimal number 0-255
d.d.d.d/p
—Subnet of IPv4 addresses; where, p
is a number 0-32
x:x:x:x:x:x:x:x
—IPv6 address; where, x
is a hexadecimal number 0-ffffff
x:x:x:x::0/p
—Subnet of IPv6 addresses; where, p
is a number 0-64
Default value: “”
(no network addresses in this zone)