ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
Firewall Protection
v1.0, September 2009
For example, Web servers serve Web pages, time servers serve time and date information, and
game hosts serve data about other players’ moves. When a computer on the Internet sends a
request for service to a server computer, the requested service is identified by a service or port
number. This number appears as the destination port number in the transmitted IP packets. For
example, a packet that is sent with destination port number 80 is an HTTP (Web server) request.
The service numbers for many common protocols are defined by the Internet Engineering Task
Force (IETF) and published in RFC 1700, “Assigned Numbers.” Service numbers for other
applications are typically chosen from the range 1024 to 65535 by the authors of the application.
Although the UTM already holds a list of many service port numbers, you are not limited to these
choices. Use the Services screen to add additional services and applications to the list for use in
defining firewall rules. The Services menu shows a list of services that you have defined, as shown
in Figure 5-19.
To define a new service, first you must determine which port number or range of numbers is used
by the application. This information can usually be determined by contacting the publisher of the
application or from user groups or newsgroups. When you have the port number information, you
can enter it on the Services screen.
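When the publisher's documentation is not available, the port numbers can also be read from traffic you have observed reaching the application's server. The following is an added example, not part of the original manual: it collapses the destination ports seen in a set of flow records into protocol and port ranges suitable for a custom service entry. The flow records, the server address 192.0.2.10, and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample flow records: (protocol, destination IP, destination port).
# In practice these would come from a capture or log of the application's server.
SAMPLE_FLOWS = [
    ("tcp", "192.0.2.10", 5000),
    ("tcp", "192.0.2.10", 5001),
    ("tcp", "192.0.2.10", 5002),
    ("tcp", "192.0.2.10", 5002),   # repeated connection to the same port
    ("udp", "192.0.2.10", 27015),
    ("tcp", "192.0.2.10", 80),
    ("tcp", "192.0.2.10", 70000),  # malformed record, outside the port range
]


def port_ranges(flows, server_ip):
    """Collapse destination ports seen on server_ip into (proto, start, end) ranges."""
    ports = defaultdict(set)
    for proto, dst_ip, dst_port in flows:
        if dst_ip != server_ip:
            continue
        if not 1 <= dst_port <= 65535:
            continue  # not a usable TCP/UDP port; skip rather than guess
        ports[proto.lower()].add(dst_port)

    ranges = []
    for proto in sorted(ports):
        start = prev = None
        for port in sorted(ports[proto]):
            if start is None:
                start = prev = port
            elif port == prev + 1:
                prev = port          # extends the current contiguous range
            else:
                ranges.append((proto, start, prev))
                start = prev = port
        ranges.append((proto, start, prev))
    return ranges


def needs_custom_service(start):
    """Ports from 1024 up are chosen by application authors, so they are the
    likely candidates for a custom entry; lower ports are usually predefined."""
    return start >= 1024


if __name__ == "__main__":
    for proto, start, end in port_ranges(SAMPLE_FLOWS, "192.0.2.10"):
        note = "custom service candidate" if needs_custom_service(start) else "check the existing service list first"
        print(f"{proto.upper()} {start}-{end}: {note}")
```

Defining the narrowest range that covers the observed ports keeps the resulting firewall rule from opening ports the application does not use.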
To add a customized service:
1. Select Network Security > Firewall Objects from the menu. The Firewall Objects submenu
tabs appear, with the Services screen in view. The screen displays the Custom Services table
with the user-defined services. (Figure 5-19 shows some examples.)
Figure 5-19