The Protocol Tab

The Protocol tab is used to specify which protocols are permitted between which combinations of zones.

To the left of the tab is the Defined Network Zones list, holding every zone currently defined. The Zone Properties area shows which protocols or services the currently selected zone is permitted to serve, and to whom. We will refer to the currently selected zone as the serving zone.

The expandable list of protocols is organised into ten categories:

To the right of each protocol entry in the list are one or more columns of check boxes. Each zone that the serving zone is connected to has a column of check boxes, with the name of that zone at the top of the column. Which zones (and therefore which columns) appear here is determined by the Connection list on the Zone tab for the currently selected zone.

The check boxes have the following meanings:

This information is summarised at the bottom of the tab in a concise key or legend showing each of the different check box states and their meanings.

Tip

Rejecting a protocol is considered a more "friendly" way of blocking its use, because the sender is immediately informed about what has happened. When a packet is quietly blocked by the firewall, the sender will not know, and will have to wait and "time out" before realising that communication has failed.

Generally there is little reason to reject protocols instead of simply dropping them. If someone is trying to use a protocol that you did not allow, then for safety's sake you should assume that they are hostile and should not be helped. In this situation, dropping packets is better: it uses less network capacity, and it makes most port-scanning software that an intruder may be using run very slowly.

The only situation you are likely to run into where rejecting a protocol is desirable is with the "ident" protocol (located under the Network category).
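To make the permit/reject/block distinction concrete, here is an added Python example (not Guarddog's own code, and not its actual rule format) that maps the three check-box decisions for a serving zone onto iptables targets. The chain-naming scheme, the `Protocol` record and the policy layout are assumptions for illustration; ident on TCP port 113 is the standard assignment. The interesting part is the REJECT branch: it answers TCP with a reset and UDP with an ICMP port-unreachable, which is exactly the "immediately informed" behaviour the tip describes, whereas DROP sends nothing and leaves the sender to time out.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Hypothetical record describing one protocol entry on the tab (constructed for this example).
@dataclass(frozen=True)
class Protocol:
    name: str        # e.g. "ident"
    ip_proto: str    # "tcp" or "udp"
    port: int        # destination port the service listens on

# The three check-box states discussed in the text.
PERMIT, REJECT, BLOCK = "permit", "reject", "block"


def chain_name(serving_zone: str, client_zone: str) -> str:
    """Assumed chain naming: traffic flows from the client zone to the serving zone."""
    return f"{client_zone}_to_{serving_zone}"


def rule_for(serving_zone: str, client_zone: str, proto: Protocol, decision: str) -> List[str]:
    """Return one iptables rule (as argv tokens) for a single check box."""
    base = ["iptables", "-A", chain_name(serving_zone, client_zone),
            "-p", proto.ip_proto, "--dport", str(proto.port)]
    if decision == PERMIT:
        return base + ["-j", "ACCEPT"]
    if decision == BLOCK:
        # Silent drop: nothing goes back, so the sender must wait for its own timeout.
        # This is also what slows down port scanners, as the tip explains.
        return base + ["-j", "DROP"]
    if decision == REJECT:
        # Tell the sender at once: TCP gets a RST, UDP gets an ICMP port-unreachable.
        reply = "tcp-reset" if proto.ip_proto == "tcp" else "icmp-port-unreachable"
        return base + ["-j", "REJECT", "--reject-with", reply]
    raise ValueError(f"unknown decision: {decision!r}")


# Policy shape (assumed): (serving zone, client zone) -> {protocol: decision}.
Policy = Dict[Tuple[str, str], Dict[Protocol, str]]


def render_policy(policy: Policy) -> List[List[str]]:
    """Expand a whole policy into rules, one chain per zone pair, ending each chain
    with a DROP so that anything not explicitly listed is silently blocked."""
    rules: List[List[str]] = []
    for (serving, client), entries in policy.items():
        for proto, decision in entries.items():
            rules.append(rule_for(serving, client, proto, decision))
        rules.append(["iptables", "-A", chain_name(serving, client), "-j", "DROP"])
    return rules


# Constructed sample: a Local zone serving the Internet zone. Ident is rejected (the one
# case the text recommends), SSH is permitted, and SNMP is silently blocked.
IDENT = Protocol("ident", "tcp", 113)
SSH = Protocol("ssh", "tcp", 22)
SNMP = Protocol("snmp", "udp", 161)

SAMPLE_POLICY: Policy = {
    ("Local", "Internet"): {IDENT: REJECT, SSH: PERMIT, SNMP: BLOCK},
}

if __name__ == "__main__":
    for rule in render_policy(SAMPLE_POLICY):
        print(" ".join(rule))
```

Running the script prints one rule per line; with the sample policy the ident line reads `iptables -A Internet_to_Local -p tcp --dport 113 -j REJECT --reject-with tcp-reset`, and the trailing DROP on the chain is what gives every unlisted protocol the quiet "block" behaviour.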

Protocol Information

Information about a protocol is displayed on the bottom left side of the tab. You can get information about any of the protocols in the list by clicking on its title.

The following information about each protocol is available:

  • Name - The name of the protocol: its full name and also any acronym it may be known by.

  • Description - A short description of what the protocol is used for.

  • Security Risk - An estimate of the security risk that use of the protocol carries. The risk is rated low, medium, high or unknown.

  • Network Usage - A description of how the protocol uses the network: which connections, IP protocols, port ranges, etc. the protocol uses to operate. This field is only shown if the Show Advanced Protocol Help check box on the Advanced tab is checked.