Firewall Service

Description: the “Firewall Service” can be accessed from the “Service Settings” section.

Enabling the “Firewall Service” allows the G-Mation P6 to manage or block traffic from specific communication network interfaces.

In the “Service Settings” section you can view the current status of the service, “ON” in the case of active service and “OFF” in the case of deactivated service.

Clicking the “Configure” button provides access to the service configuration interface.

The configuration interface of the “Firewall Service” is shown below:

The popup displayed allows you to act on the on/off switch to change the enable/disable status of the service; clicking the “Edit” button allows you to change the status of the on/off switch.

By clicking the “Save” button, the current state of the on/off switch (enable and disable, respectively) can be applied to the “Firewall Service” service;

by clicking “Cancel” you can exit the state change mode, restoring the state previously applied to the “Firewall Service” service;

at any time you can click the “Cancel” button and remove the service status configuration popup display.

By changing the “Enabling” switch from “off” to “on,” GSetup makes available the interface for configuring the rules for managing the communication flows administered by the “Firewall.”

Each line in the “Firewall” configuration panel represents a rule; each rule is characterized by the following parameters:

“Enable”: on/off switch that allows you to make the “Firewall” rule on/off respectively. Natively, there are rules named “Web Server – HTTP” “Web Server – HTTPS” “Web Socket” “DB Engine” that cannot be disabled as they are mandated for the proper functioning of G-Mation P6;

“Name”: free text field in which the operator can enter a mnemonic reference to associate with the “Firewall” rule. Natively there are rules named “Web Server – HTTP” “Web Server – HTTPS” “Web Socket” “DB Engine” that cannot be updated in terms of naming;

“Source Interface”: represents the source of the communication flow that is to be subjected to the “Firewall” rule. Considering that the allowed source is any of the network interfaces exposed by the G-Mation P6, the “Source Interface” field can be populated with the selection of the drop-down menu that is pre-filled with the list of available interfaces. In case the rule is to be applied to all network interfaces, the operator can select the value “Any.”

“Source IP or Network”: IP address of the source of the communication flow subject to the “Firewall” rule;

“Protocol”: selection of the type of traffic to be subjected to the “Firewall” rule. The type is related to the protocol that characterizes the traffic on the network interface and can be “TCP” or “UDP”;

Once the whole list of rules is defined, the operator can act on the priority of action of the rules themselves: in case of handling the same communication flow by two or more rules, the Firewall will give priority to the rule that occurs in the upper rows of the table. In this sense, the operator can adjust the priority of action of individual rules by moving up/down the sequence through the appropriate arrows placed at the end of each row.

Removal of the individual rule can be accomplished by clicking the trash icon located at the end of each row.

At the end of the “Firewall” rule table are management buttons:

“Add”: allows you to add a new row to the rule table; the row thus created is ready to be configured;

“Save”: allows you to save the configuration of the “Firewall” rules; the button is available (green color) if there are changes to be saved, otherwise the button is inactive;

“Cancel”: allows you to exit the rule configuration panel. Any unsaved changes are lost upon exiting the panel;

“Download Rules”: allows you to generate a report file of the configured rules;

“Upload Rules”: allows you to import a report file of the configured rules.