Defining firewall instances
Firewalls filter packets on interfaces. Use of the firewall feature has two steps:
- Define a firewall instance and save it under a name. A firewall instance is also called a firewall rule set, where a rule set is just a series of firewall rules. You define the firewall instance and configure the rules in its rule set in the firewall configuration node.
- Apply the instance to an interface or a zone by configuring the interface configuration node for the interface or zone. After the instance is applied to the interface or zone, the rules in the instance begin filtering packets on that location.