Category: Firewall IP Syntax Overview

Share this post...Tweet about this on TwitterShare on Google+0Share on Facebook0

Firewall IP Address Reference

Simple Syntax

  1. The simplest syntax is just a single valid IP address. For example, and are valid entries.
  2. You can also enter masked IP addresses which allows you to cover an entire range of IPs. For example, and are valid entries.

Advanced Syntax

The advanced IP syntax not only gives you control over the IP address, but also the protocol (udp or tcp), flow direction (inbound or outbound), and port. The advanced syntax is:

  1. protocol: Either udp or tcpprotocol is optional, and if not given, tcp is assumed.
  2. flowin or out. If protocol is given, then flow is required, otherwise flow is optional. If flow is not given, in is assumed.
  3. s/d=port: A single port number. You must also specify if the port is the source port (s=), where the packet originates from, or the destination port (d=), where the packet will end up.
  4. s/d=ip: A valid IP address. You may use an IP address or an IP address and mask. You must also specify if the IP address is the source IP (s=), where the packet originates from, or the destination IP (d=), where the packet will end up.

Example 1
Inbound TCP to destination port 3306 from


Example 2

Inbound TCP from port 3000 from


Example 3
Outbound TCP to destination port 22 to destination host


Example 4
Inbound UDP to destination port 1024 from destination host

Citation Source: APFFirewall
Nov 15, 2012, 5:50 pmBy: InterWorx
Firewall IP Syntax Overview
1 vote, 1.00 avg. rating (34% score)
(0) Comments

Leave a Reply
Surround code blocks with <pre>code</pre>

Your email address will not be published.


Broken Link