On this page, you will find a detailed description of all options and inputs on the rule creation page. This should help you decide which information you need to put in those fields in order to create firewall rules. If you want to quickly create a Port-forwarding, DMZ pinhole or Using Source NAT rule, please have a look at the short guides.

Understanding the difference between the source and destination of a packet is mandatory for working with any kind of firewall. You need to understand that a packet traverses a path of multiple hosts on a network. The host where the packet is created and sent is called the source. The designated recipient is called the destination. A reply packet traverses the network in the opposite direction. The former destination is now the source and the former source is now the destination.

In IPFire, you may create groups of hosts, networks and even VPN connections, which make it very easy to select multiple hosts on a network as source or destination at once. It is possible to choose a country (or a group of countries) as a source or destination. This might be useful if you want to provide a service for a few countries only, which might limit your attack surface. Please read the Location Block article for more information on this technique.

When you are going to create a new firewall rule, you have to be clear about what the source and the destination host(s) are. The page where you create rules is split into two sections: the first one for the source and a second one for the destination. The most common option is to use a single IP address to grant some host access to a certain service. Just type in a valid IP address, network or (in some cases) a MAC address.
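The following is an added example, not IPFire's own code: a small Python model of a rule's source and destination fields, showing how a single IP address, a network or a MAC address can be told apart, and that a reply packet (source and destination swapped) no longer matches the same pair. The function names, the rule layout and all addresses are constructed for illustration, and matching a MAC address against the sender only is an assumption of this sketch.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")

def parse_spec(text):
    """Classify a source/destination value as ('mac' | 'ip' | 'network', value)."""
    text = text.strip()
    if MAC_RE.match(text):
        return ("mac", text.lower())
    try:
        return ("ip", ipaddress.ip_address(text))
    except ValueError:
        pass
    # strict=True rejects a "network" with host bits set, e.g. 192.168.1.10/24.
    # Anything that is not a valid network either raises ValueError here.
    return ("network", ipaddress.ip_network(text, strict=True))

def spec_matches(spec, ip, mac=None):
    """Check one side of a packet (its IP, optionally its MAC) against one spec."""
    kind, value = spec
    if kind == "mac":
        return mac is not None and mac.lower() == value
    addr = ipaddress.ip_address(ip)
    return addr == value if kind == "ip" else addr in value

def rule_matches(rule, packet):
    """A rule applies only if source AND destination of the packet both match."""
    return (spec_matches(rule["src"], packet["src"], packet.get("src_mac"))
            and spec_matches(rule["dst"], packet["dst"]))

def reply_to(packet):
    """Reply packet: the former destination is the source and vice versa."""
    return {"src": packet["dst"], "dst": packet["src"]}

# Constructed sample: hosts in one network may reach a single server address.
RULE = {"src": parse_spec("192.168.1.0/24"), "dst": parse_spec("10.0.0.5")}
REQUEST = {"src": "192.168.1.23", "dst": "10.0.0.5"}

if __name__ == "__main__":
    print("request matches rule:", rule_matches(RULE, REQUEST))
    print("reply matches rule:  ", rule_matches(RULE, reply_to(REQUEST)))
```
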