We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see https://campus.barracuda.com/doc/71862301/ for further information on our EoS policy.

Firewall Rule List Interface and Icons

  • Last updated on

The features and controls of the configuration pages for the Host and Forwarding Firewall rule sets have a similar interface structure. The main rules section in these pages displays access and application rules that are configured for use in your network. You can view, create, and edit your access rules on this page.

In this article:

The Forwarding Firewall Rule Set

The Forwarding Firewall rule set contains all forwarding access and application rules and provides access to the rules configuration. To open the Forwarding Firewall rule set, go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.

 The Forwarding Rules page is divided into the following sections: 

  • Main Rules Section – In the main rules table, you can view and edit the settings for your access or application rules.
  • Configuration Menu – The left navigation pane on the page provides you with menu sections to configure your access rules.
  • Main Rules Tab – This section lets you create additional rule lists.
  • Editing Features – Use these features to edit the rule set.

ruleset.png

Main Rules Section and Icons

In the main rules table, the settings for each access rule are organized in the following columns:

ColumnDescription
ActionThe action that is performed by the access rule.
NameThe name of the access rule.
Features

The features that have been applied to the access rule, as indicated by the following icons: 

IconFeature
dyn.pngDynamic Rule
param.pngAdvanced rule parameter changed
swap.pngRule matches for swapped source and destination
time.pngScheduled Rule
ico_tcp.pngGeneric TCP Proxy
ico_nsnat.pngNo Source NAT
user.pngAuthenticated User
noips.pngNo IPS
ips.pngCustom IPS Policy
defips.pngDefault IPS Policy
leg_app.pngLegacy Layer7 Application Control
cont.pngContinue on Device Mismatch 
parp.pngProxy ARP
noscan.pngNo Application Control 2.0 Scan
native.pngApplication Control 2.0 Scan without SSL Interception
ssl.pngApplication Control 2.0 Scan with SSL Interception
av.pngAV scan
The following icons apply to application rules only:
IconFeature
filter.pngApplication Filter Object
app.pngApplication Object
custom.pngCustom Application
over.pngOverridden Application
native.pngNative Application
ServiceThe service that applies to the access rule. For example, the IP protocol used or, with TCP/UDP, the relevant IP protocol and the port for the traffic.
SourceThe source addresses that have been selected for the access rule.
DestinationThe destination addresses that have been selected for the access rule.
Application PolicyThe application policies that have been applied to the access rule. For more information, see Application Control 2.0.   
UserThe users who are affected by the access rule.
ScheduleDisplays the times when the rule is applied.
QoSAny traffic shaping settings. For more information, see How to Create and Apply QoS Bands.
IPS PolicyThe IPS policy that is applied to the access rule. For more information, see Intrusion Prevention System (IPS).
Main Rules Tab

The Main Rules tab section lets you create additional rule lists.

Editing Features and Icons

The editing features section on the top right of the page provides the following hotkeys that let you perform different actions:

Hot-keyDescription
hk1.png

Show/hide inactive rules

hk2.png

Show/select overlapping rules

hk3.png

Move a rule down in the rule set

hk4.png

Move a rule up in the rule set

hk5.png

Delete a rule

hk6.png

Edit a rule

hk7.png

Add a new rule

hk8.png

Add a new IPv6 rule

hk9.png

Insert a new rule section

hk10.png

Clone a rule

For more information on the functionalities of the Forwarding Firewall rule set, see Forwarding Firewall.

Host Access Rule Set

The host access rule set contains default rules that fit most applications and services that are handled by the Barracuda NG Firewall. Changing the host access rule set should only be done by an expert administrator because changes can affect the behavior of your system. For help with changing default host access rules, contact Barracuda Networks Technical Support.

You can view the host access rule set on the Host Firewall - Rules page. To open this page go to Config > Box > Infrastructure Services > Host access rules.

The Host Firewall - Rules page provides an interface very similar to the Forwarding Firewall and is divided into the following sections:

  • Configuration Menu – The left navigation pane of the page provides you with menu sections to configure your access rules.
  • Inbound and Outbound Table – In the table, you can view and edit the settings for all inbound and outbound host access rules. To switch between viewing the inbound and outbound rule sets, click the following tabs:
    • Inbound – Shows all inbound Host access rules.
    • Inbound-User – (Bound to the Inbound set) Shows a subset of inbound Host access rules.
    • Outbound – Shows all outbound Host access rules.
    • Outbound-User tab – (Bound to the Outbound set) Shows a subset of outbound Host access rules.
Main Rules Section and Icons

Below the Inbound and Outbound tabs, the settings for each access rule are organized into the following columns:

ColumnDescription
ActionThe action that is performed by the access rule
NameThe name of the access rule
FeaturesThe features that have been applied to the access rule, as indicated by the following icons:
IconDescription
noips.pngNo IPS
ico_nsnat.pngNo Source NAT
leg_app.pngLegacy Layer7 Application Control
ServiceThe service that applies to the access rule
SourceThe source selected for the access rule
DestinationThe destination selected for the access rule
Comment(Optional) Comment
UserThe users who are affected by the access rule
QoSAny traffic shaping settings. For more information, see How to Create and Apply QoS Bands.
ScheduleDisplays the times when the rule is applied.

For more information on the functionalities of the host access rule set, see Host Firewall.

Last updated on