Operation Manual

The Outpost Log System
is not turned on or not connected to the Internet. It is recommended that you keep Outpost
Firewall in stealth mode unless you have a reason not to.
Global rules and rawsocket access—lets you specify global rules for all applications. The
following rules are available by default:
Allow DNS Resolution (TCP and UDP)
Allow Outgoing DHCP
Allow Inbound Identification (disabled by default)
Allow Loopback (inbound)
Allow GRE Protocol
Allow PPTP control connection
Block Remote Procedure Call (TCP and UDP)
Block Server Message Block Protocol (TCP and UDP)
Allow Localhost UDP Connection
Click Rules to edit the existing rules or to create new ones. Global rules are created in
much the same way as application-based rules. For details, see 5.4 Creating Rules for
Applications.
The only differences are as follows.
You can specify the packet type for outbound connections (i.e. when "Where the specified
direction is" is set to Outbound):
Local – packets from or to the local network interface
Transit – packets that are passed along the system network interface or are forwarded to other interfaces (packets that are received and then sent further)
NAT packets – packets with translated IP addresses (transit packets sent or received through a NAT proxy)
In addition, you can mark a rule as High Priority if you want it to prevail over the
application rules, which take precedence by default.
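
The precedence described above, as an added example that is not taken from the Outpost manual or product: a simplified Python model in which High Priority global rules are checked first, then application rules, then the remaining global rules. The rule fields, the sync.exe application, the port numbers attached to the rule names and the block-by-default fallback are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                  # "allow" or "block"
    protocol: str                # "TCP" or "UDP"
    remote_port: int
    app: Optional[str] = None    # None marks a global rule
    high_priority: bool = False  # only meaningful for global rules

    def matches(self, app, protocol, remote_port):
        if self.app is not None and self.app != app:
            return False
        return self.protocol == protocol and self.remote_port == remote_port


def decide(rules, app, protocol, remote_port, default="block"):
    """Return (action, rule name) for one outbound connection attempt."""
    tiers = (
        [r for r in rules if r.app is None and r.high_priority],      # High Priority global
        [r for r in rules if r.app is not None],                      # application rules
        [r for r in rules if r.app is None and not r.high_priority],  # other global rules
    )
    for tier in tiers:
        for rule in tier:
            if rule.matches(app, protocol, remote_port):
                return rule.action, rule.name
    return default, "default policy (assumed)"


def sample_rules(smb_high_priority):
    """Constructed rule set: two global rules plus one permissive application rule."""
    return [
        Rule("Block Server Message Block Protocol", "block", "TCP", 445,
             high_priority=smb_high_priority),
        Rule("Allow DNS Resolution", "allow", "UDP", 53),
        Rule("sync.exe: allow TCP 445", "allow", "TCP", 445, app="sync.exe"),
    ]


if __name__ == "__main__":
    for flag in (False, True):
        verdict = decide(sample_rules(flag), "sync.exe", "TCP", 445)
        print(f"SMB block High Priority={flag}: {verdict}")
```

In this model the application rule lets sync.exe reach TCP 445 despite the global SMB block, and the block only wins once it is marked High Priority.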
Some applications can also access the network through direct low-level socket calls, also
known as rawsockets. These calls cannot be governed by ordinary protocols or application
rules and thus can serve as backdoors for rogue applications or processes to access the
network without any limits or regulations. To improve your system protection, Outpost
Firewall lets you control rawsocket access. You can define which applications are allowed
to make rawsocket calls and which are not. Click Rawsockets to bring up the following
dialog: