Port Sets
- Port sets are predefined groups of one or more ports. These sets can be named as the target of Application Rules and Global Rules. For example, you might want to block all inbound traffic to certain set of ports.
- The port sets panel lets you add, view and manage port sets.
Open the Portsets panel
- Click 'Settings' at the top of the CIS home screen
- Click 'Firewall' > 'Portsets'
- The interface lists all existing port sets. Click the + button to view all ports in the set.
- CIS ships with three default portsets:
- HTTP Ports: 80, 443 and 8080. These are the default ports for http traffic. Your internet browser uses these ports to connect to the internet and other networks.
- POP3/SMTP Ports: 110, 25, 143, 993, 995, 465 and 587. These ports are typically used for email communication by mail clients like Outlook and Thunderbird.
- Privileged Ports: 0-1023.Privileged ports are so called because it is usually desirable to prevent users from running services on these ports. Network admins usually reserve or prohibit the use of these ports. This set can be deployed if you wish to create a rule that allows or blocks access to the privileged port range.
Define a new Port Set
After defining a new portset, you can apply it to applications through the Application Rule interface. See 'Create or Modify Firewall Rulesets' for more details.
- Click 'Settings' on the CIS home screen
- Click 'Firewall' > 'Portsets'
- Click the 'Add' button at the top.
- Create a name for the port set
- Click 'Add' to specify ports and port ranges for the set:
- Specify the ports to be included in the new portset:
- Any - to choose ports
- A Single Port - Specify the port number
- A Port Range - Enter the start and end port numbers in the respective combo boxes. Exclude (i.e. NOT the choice below): Means all ports will be included in the portset except the ones you specify here.
- Click 'OK' in the 'Port' dialog then 'OK' in the 'Add Port sets' interface.
You can now select 'A Set of Ports', then choose this rule-set, when creating or modifying a Firewall Ruleset.
Edit an existing port set
- Click 'Settings' on the CIS home screen
- Click 'Firewall' > 'Portsets'
- Select the port set from the list
- Click the 'Edit' button
- The
editing procedure is similar to adding
the portset explained above