We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see https://campus.barracuda.com/doc/71862301/ for further information on our EoS policy.

Firewall Rule Tester and Test Reports

  • Last updated on

The Barracuda NG Firewall provides you with a few tools to test your firewall rule set: 

  • Check for Overlapping Rules – Highlights firewall rules with criteria that matches those of a selected firewall rule and helps you determine the best order for your firewall rules.
  • Rule Tester – Tests the firewall rule set with the specified connection settings. Also verifies the consistency of your firewall rule set.
  • Test Report – Contains settings and results that are saved from a rule test. Notifies you if any later changes to the firewall rule set result in an unsuccessful connection request with the saved settings.

In this article:

Check for Overlapping Rules

Because a connection request can match the criteria of multiple firewall rules, the order of the rules is important. To help you identify firewall rules with criteria that matches those of a selected rule, use the overlap checker.

  1. Open the Forwarding Rules page (Config > Full Config > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules).
  2. Right-click a firewall rule and select Select Overlapping.

Any firewall rules with matching criteria are highlighted. In most cases, the overlap is a harmless outcome of a very openly defined firewall object such as Any.

Test the Firewall Rule Set

To test your firewall rule set, you can simulate a specific connection by entering the network data in the rule tester. The rule tester then determines which firewall rule would match this connection attempt.

  1. Open the Forwarding Rules page (Config > Full Config > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules).
  2. In the left menu, expand the Rule List Verification section and click  Rule Tester.
  3. In the  TEST CONNECTION  section, enter the network parameters you want to test:   
    • Proto –  Protocol
    • Day/Hour –  (Optional) Day of week and time
    • Date –  (Optional) Month, day, and year
    • From –  Source IP address
    • Port –  Source port (default is 2048)
    • To –  Destination IP address
    • Port –  Destination port
    • SMAC – (optional) Source MAC address
    • Input-IF – (optional) Incoming interface
    • Output-IF –(optional) Outgoing interface
    • Srv –  Service

  4. Click Test. The test result is displayed in the TEST RESULT section.

Save the Rule Test to a Test Report

  • To save your firewall rule test settings and result, click LOCK, enter a name in the Save Result to field and click Save Result to.
    Your test is saved as a test report.
  • To view your saved test results, expand Rule List Verification and click Test Report in the left pane of the rule set page.

Test Reports

On the Test Report page, successful test results are indicated by a green icon. Unsuccessful test results are indicated by a red icon. If you make changes to the firewall rule set that would cause an unsuccessful test connection for a test report (such as renaming objects or changing the order of firewall rules), the green icon turns into a red icon.

The new results are added to the test report while the old results are displayed in brackets. You can validate or edit the settings for the failed connection request. If the new results for a failed connection request are correct, you can validate the test report by right-clicking it and selecting Rectify. The red icon for the test report turns into a green icon. If the new results for a failed connection request are incorrect, you can edit the firewall rule or the test report settings.

  • To edit the test report, right-click it and select Edit.
  • To edit the firewall rule, double-click the test report. In the TEST RESULT section, click Edit next to the Rule field.

While editing the test report, you can also use it as a template and save the new settings as a new test report.

Test reports are only saved temporarily. If you want to save test reports, click Send Changes and Activate.

Last updated on