Now the internet is not a pure land, in order to prevent attacks from the network, many novice friends have installed a firewall software to protect themselves, but how to use a firewall more practical? Below, follow the author piece, to Skynet firewall as an example, through it to support the function of custom rules, to meet the needs of different types of users, to avoid "prevent others also prevent themselves" embarrassment.
Small knowledge: IP rule is a series of comparison conditions and a packet of action combination, it can be based on each part of the packet and set the conditions to compare. When the condition is met, it is possible to determine whether to release or block the package. By setting rules properly, you can block unwanted data out of your machine or open green channels for certain programs that have legitimate network requests.
Add a rule
Although Skynet has set a lot of rules, but everyone has the situation of each person, but also according to their own situation to develop their own rules (in the Skynet Firewall IP Rule list, the rule in the front end will act first, and ignore the associated rules behind, so that the special network services to open up a green channel to become possible )。 For example, the author created an FTP server in his own machine to share various resources with friends, but the friends reflect that they can't connect. Search carefully, found that Skynet is in the "mischief"! Now set up a special IP rules for FTP easy to use.
Click the Skynet icon in the system tray to open the program interface and click on the second icon on the left side of the main screen, "IP rule management."
Click the "Add Rule" button, pop-up "Add IP Rules" window, in "name" Enter a name to be displayed in the IP Rules list, in the "description" below to fill in the description of the rule, to prevent later forget the purpose of the rule. Because the author created an FTP server to Exchange data with friends, therefore, in packet direction, select Receive and send through the Drop-down menu, and if your friends do not have a fixed IP address, select "Any address" in the "Other IP address" and, because the FTP server is based on the TCP/IP protocol, And you need to open 21 ports on this machine, so in Packet protocol type, select the TCP protocol and enter "0" and "21" in "Local port" to open the port. Because you do not limit what ports the other side uses to connect, you can leave the default "0" in the "offset port", and finally, select "Pass" in the Drop-down menu "when the above conditions are met" to release it.
With the above settings, the 21 port on this machine is opened. Return to the main Skynet interface, select the newly created "FTP" rule, and press and hold "↑" to move it below the TCP packet monitoring rule to skip the toughest "Disable everyone connections" rule, and then click Save Rules to save the settings. Restarting Skynet firewall now takes effect.
Tip: If you want to record the access IP of your friends in Skynet's connection log, you can also check the "record" option in "at the same time."
Backup and Recovery rules
If you have created or modified a lot of IP rules, set these rules when you need to reinstall the system or Skynet. Therefore, after the export backup, when needed to import the recovery is the easiest way.
Click the "Export Rule" button, open the Export Settings window, set the folder in filename to save the backup, select the IP rule you created in the list of IP rules below (or click the "Select All" button to back up all the IP rules), and then click "OK" to export for backup.
When you need to recover, only click on the "Import Rules", through the "open" window to find and double-click the backup of the IP rule file can be imported.
Now that we know the way to set up Skynet's IP rules, we're not afraid of Skynet firewalls blocking our legitimate programs. Perhaps some friends will ask: I installed the Network Service program does not use common port, do not know it needs to open which ports what to do? Never mind, I'll teach you the easiest way: Start the blocked program, open the Skynet firewall security log, and see which port it blocks and which port it needs to open with IP rules.