D-Link DFL-2500 User Guide - Page 61
Service Types
![]() |
View all D-Link DFL-2500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 61 highlights
42 Chapter 8. Logical Objects one user's program to other parties in a network. At this layer, other parties are identified and can be reached by specific application protocol types and corresponding parameters, such as port numbers. For example, the Web-browsing service HTTP is defined as to use the TCP protocol with destination port 80. Some of the other popular services at this layer include FTP, POP3, SMTP, Telnet, and so on. Beside these officially defined applications, user customized services can also be created in D-Link firewalls. Services are simplistic, in that they cannot carry out any action in the firewall on their own. Thus, a service definition does not include any information whether the service should be allowed through the firewall or not. That decision is made entirely by the firewall's IP rules, in which the service is used as a filter parameter. For more information about how to use services in rules, please see 14 IP Rules. 8.2.1 Service Types In D-Link firewalls, services can be configured via three options: TCP/UDP, ICMP, and IP Protocol service. A service is basically defined by a descriptive name, the type of the protocol, and protocol parameters. Different services can be united into one Service Group to simplify policy configuration, so that the administrators do not need to configure one rule for every service. TCP and UDP based services Service applications most commonly run on TCP or UDP, and are often associated with a well-known port number. In the firewall, they are defined by the type of protocol that the application uses, and the assigned port number or port range. For many services, a single destination port is sufficient. The HTTP service, for instance, uses TCP destination port 80, Telnet uses TCP 23, and SMTP uses TCP 25. In these cases, all ports (0-65535) will be accepted as source ports. Multiple ports or port ranges may also be set, for instance, a service can be defined as having source ports 1024-65535 and destination ports 80-82, 90-92, 95. In this case, a TCP or UDP packet with the destination port being one of 80, 81, 82, 90, 91, 92 or 95, and the source port being in the range 1024-65535, will match this service. D-Link Firewalls User's Guide
![](/manual_guide/products/dlink-dfl2500-user-guide-83bdca9/61.png)