click policy, and then select the add service tab. a window similar to that in figure 44 is displayed.
figure 44 add service window
the scroll list on the right side of the screen displays all ip protocols that are currently defined and that appear in the services window. next to the name of the protocol, two numbers appear in brackets. the first number indicates the ip port number which defines the service (either tcp port, udp port, or icmp type). the second number indicates the ip protocol type (6 for tcp, 17 for udp, or 1 for icmp).
there may be more than one entry with the same name.
for example, the default configuration has two entries labeled name service (dns). these are udp port 53 and tcp port 53. any entries with identical names are grouped together, and are treated as a single service. up to 128 entries are supported.
to add support for a well-known service by name:
1 select the name of the service from the add a known service drop-down list.
2 click add.
the new service appears in the list box to the right, along with its numeric protocol description. note that some well-known services add more than one entry to the list box. to add a custom service:
1 from add a known service drop-down list, select custom service.
2 in the name box, type a unique name, such as cc:mail or microsoft sql.
3 in the port box, type the ip port number.
4 from the protocol drop-down list, select the ip protocol type.
5 click add.
the new service appears in the list box. for a list of ip port numbers, see:
http://www.normos.org/ietf/rfc/rfc1700.txt
if you create multiple entries with the same name, they are grouped together as a single service and may not function as expected.
you can disable logging of events which are usually written to the internet firewall’s internal screen log. for example, if linux’s authentication protocol is filling the log with useless entries, you can configure the screen log to ignore all activity for this service.
to disable screen logs for a specific service:
1 highlight the service name in the list box.
2 clear the enable logging check box
3 click modify.
to delete a service:
1 highlight its name in the list box.
2 click delete service.
for services with multiple entries, you can delete only a single port/protocol combination from the list. for example, deleting the entry marked name service (dns) [53,6] deletes just the tcp portion of the service.