On the application (group of applications) traffic screen, you can set up the rules for the application connections to certain IP addresses and ports.
1.To create a new rule, select in the section. You can add allowing or blocking rules depending on the selected option:
•—a blocking rule.
•—an allowing rule.
2.In the next window, in the field, enter a valid IP address (in the a.b.c.d format), an IP addresses range (in the a1.b1.c1.d1-a2.b2.c2.d2 format) or a network (in the a.b.c.0/n format, where “n” is a number from 1 to 32) or leave this field blank (in this case entering a port number is obligatory). Enter the valid port in the field or leave it blank (in this case entering the IP address is obligatory). If you leave one of the fields blank, the rule will be valid for all the IP addresses or ports respectively. Select to save the rule.
If you have selected the option, but have added no addresses to the list, the application will block all connections.
3.To edit an existing rule, select and hold it, then select .
You can also add allowing and blocking rules when you view the or the list of .
To delete a rule
1.Select and hold the rule.
2.Select the icon.
To delete all rules for a certain application
1.On the tab of the screen, select the application (see ).
2.On the screen, select > .
3.In the next window, select the check box and select .
To delete all rules for all applications
1.On the screen, select > .
2.In the next window, select the check box and select .
To allow incoming connections for an application:
1.On the tab (see ), select the application to allow incoming connections for.
2.On the screen, select .
3.Select the check box.
The information on the connections from any external addresses with the port opened by the application is only partially added to the and firewall . Moreover, any connections with such addresses may be excluded from firewall check for all other applications. This operation mode is not safe and should not be used.
Allowing the incoming connections is useful in case the firewall cannot be disabled by other means, for example, when a server receiving connections from external networks is configured on the device.