The simplest syntax is just a single valid IP address. For example, 192.168.1.10 and 169.254.43.11 are valid entries.
You can also enter masked IP addresses which allows you to cover an entire range of IPs. For example, 10.0.1.0/24 and 192.0.0.0/8 are valid entries.
The advanced IP syntax not only gives you control over the IP address, but also the protocol (udp or tcp), flow direction (inbound or outbound), and port. The advanced syntax is:
protocol: Either udp or tcp. protocol is optional, and if not given, tcp is assumed.
flow: in or out. If protocol is given, then flow is required, otherwise flow is optional. If flow is not given, in is assumed.
s/d=port: A single port number. You must also specify if the port is the source port (s=), where the packet originates from, or the destination port (d=), where the packet will end up.
s/d=ip: A valid IP address. You may use an IP address or an IP address and mask. You must also specify if the IP address is the source IP (s=), where the packet originates from, or the destination IP (d=), where the packet will end up.
Inbound TCP to destination port 3306 from 220.127.116.11/24
Inbound TCP from port 3000 from 18.104.22.168
Outbound TCP to destination port 22 to destination host 22.214.171.124
Inbound UDP to destination port 1024 from destination host 126.96.36.199