Network Access Restriction

GeSWall can restrict TCP/IP network traffic, similar to a network firewall. You can configure application-specific rules that deny or grant access to particular hosts or subnets at specified TCP/UDP ports. The rules are the same as those described in sections "7.2 Resources" and "7.3 Applications", but with 'Network' as the Resource Type. The Resource Name is the address of the destination network hosts and subnets, written in the following syntax.

Host[:Port][/Subnet]

Host is a mandatory field that gives the DNS name or IP address of the target host, e.g.:
update.microsoft.com
192.168.1.17

Use the symbol '*' to apply a rule to all network hosts.

:Port is an optional field specifying a TCP or UDP port number, as described at http://wikipedia.org/wiki/TCP_and_UDP_port, which also lists the known ports. Ports identify a specific network service, such as web or e-mail.
If the port is not specified, the rule applies to communications on all ports.

/Subnet is an optional field that defines the network mask in CIDR notation, as described at http://wikipedia.org/wiki/Subnetwork, e.g.:

Subnet   Network Mask      Hosts
/16      255.255.0.0       65,024
/24      255.255.255.0     254
/28      255.255.255.240   14

If the subnet mask is not specified, the rule applies only to a single host.
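
The following is an added example, not GeSWall code: a Python sketch that parses a Host[:Port][/Subnet] resource name and checks whether a destination falls under it, useful for reviewing a rule set before deploying it. The function names, the rejection of /Subnet on a DNS name or '*', and the case-insensitive name comparison (no DNS lookup) are assumptions of this example.

```python
import ipaddress
import re

# Host[:Port][/Subnet] as described above; '*' stands for all hosts.
_RULE = re.compile(r"^(?P<host>\*|[A-Za-z0-9.-]+)(?::(?P<port>\d{1,5}))?(?:/(?P<subnet>\d{1,2}))?$")

def parse_resource_name(name):
    """Split a 'Network' resource name into (host, port, network)."""
    m = _RULE.match(name.strip())
    if not m:
        raise ValueError(f"not in Host[:Port][/Subnet] form: {name!r}")
    host = m["host"].lower()
    port = int(m["port"]) if m["port"] else None       # None = all ports
    if port is not None and not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    try:
        addr = ipaddress.IPv4Address(host)
    except ValueError:
        addr = None                                     # DNS name or '*'
    network = None
    if m["subnet"] is not None:
        if addr is None:                                # assumption of this example
            raise ValueError("a /Subnet needs an IP address as Host")
        # strict=False: 192.168.1.17/24 denotes the 192.168.1.0/24 network
        network = ipaddress.ip_network(f"{addr}/{m['subnet']}", strict=False)
    elif addr is not None:
        network = ipaddress.ip_network(f"{addr}/32")    # no mask = single host
    return host, port, network

def rule_matches(name, dest_host, dest_port):
    """True if the destination host and port are covered by the resource name."""
    host, port, network = parse_resource_name(name)
    if port is not None and port != dest_port:
        return False
    if host == "*":
        return True
    if network is None:                                 # DNS-name rule, compared as text
        return host == dest_host.lower()
    try:
        return ipaddress.IPv4Address(dest_host) in network
    except ValueError:
        return False

if __name__ == "__main__":
    # Constructed sample rules and destinations, for illustration only.
    for rule in ("192.168.1.17", "192.168.1.17/24", "*:25", "update.microsoft.com:443"):
        print(rule, rule_matches(rule, "192.168.1.200", 25))
```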

The addresses might be specified in a resource definition or in an application-specific rule.

Please note that 'Resource Name' defines the destination host address. The source host address and the transport protocol (TCP, UDP, ICMP, etc.) are not specified and can be any.

Also note that GeSWall controls IP network traffic that is recognized and handled by the Windows core. GeSWall doesn't control non-IP protocols, such as IPX, and does not control raw traffic before it is handled by the Windows core. This means GeSWall cannot be used to screen network traffic from the Windows core itself, only traffic from applications.