Skip to main content

Add and remove firewall rules

Use this page to add and remove firewall rules in the NetFoundry zLAN console.

Firewall rule fields

Each rule consists of the following fields:

  • Type:

    • Custom (requires Protocol selection)
    • HTTP
    • HTTPS
    • LDAP
    • RDP
    • SSH

  • Protocol:

    • Only shown for Custom type
    • TCP or UDP

  • Direction:

    • INBOUND (traffic coming into the firewall)
    • OUTBOUND (traffic leaving the firewall)

  • Action:

    • Allow (permit traffic)
    • Deny (block traffic)

  • Source:

    • IP address or CIDR range (e.g., 192.168.1.0/24)

  • Destination:

    • IP address or CIDR range (e.g., 10.0.2.5)

  • Port Range:

    • Specify a range (e.g., 80-443 for HTTP/HTTPS)
    • For single ports, use the same value for low and high (e.g., 22-22 for SSH)

Firewall rules

Add a rule

  1. Click Add Rule in the console.
  2. Select the Type (e.g., HTTP, SSH, Custom).
  3. If you select Custom, choose the Protocol (TCP or UDP).
  4. Choose the Direction (INBOUND or OUTBOUND).
  5. Set the Action (Allow or Deny).
  6. Enter the Source IP/CIDR.
  7. Enter the Destination IP/CIDR.
  8. Specify the Port Range (low-high).
  9. Click Save to apply the rule.
note

Changes do not take effect until you click Save.

Add rule dialog

Remove a rule

  1. Locate the rule you want to remove in the rules list.
  2. Click the Delete (trash) icon next to the rule.
  3. Confirm the deletion when prompted.
  4. Click Save to apply the change.
note

Removing a rule does not take effect until you click Save.

Save changes

Example rules

  • Allow inbound HTTP from any source to 10.0.2.5 on port 80:

    • Type: HTTP
    • Direction: INBOUND
    • Action: Allow
    • Source: 0.0.0.0/0
    • Destination: 10.0.2.5
    • Port Range: 80-80

  • Deny outbound SSH from 192.168.1.100 to any destination:

    • Type: SSH
    • Direction: OUTBOUND
    • Action: Deny
    • Source: 192.168.1.100
    • Destination: 0.0.0.0/0
    • Port Range: 22-22

  • Allow inbound Custom TCP from any source to 10.0.2.5 on port range 1000-2000:

    • Type: Custom
    • Protocol: TCP
    • Direction: INBOUND
    • Action: Allow
    • Source: 0.0.0.0/0
    • Destination: 10.0.2.5
    • Port Range: 1000-2000