Managing Protection Rules

This section describes the protection rule parameters page and how to edit, copy, and delete a protection rule.

The default priority of the copy of a protection rule is 1 (highest priority).

Log in to the management console.
Click in the upper left corner of the management console and select a region or project.
In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
(Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.

In the navigation pane on the left, choose Access Control. Click the Internet Borders or Inter-VPC Borders tab.

**Table 1** Protection rule parameters
Parameter	Description
Priority	Priority of the rule. A smaller value indicates a higher priority.
Name/Rule ID	Custom rule name and ID
Status	Status of the rule. It can be enabled or disabled.
Direction	Traffic direction of the protection rule.
Source	The party that originates a session.
Destination	The recipient of a session.
Service	Its value can be TCP, UDP, ICMP, or Any. Source Port: Source ports to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443). Destination Port: Destination ports to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443).
Action	Allow: Allow the traffic to pass through the firewall. Block: Block the traffic from passing through the firewall.
Hits	Total number of actions that have been triggered by the rule (since the last reset). For details, see Access Control Logs.
Tags	Tag of a rule.
Created	Time when the current rule is created.
Update Time	Time when the current rule was last edited.
Last Used	Time when the current rule was last used.

(Optional) Select a direction and a protocol type from the drop-down list boxes.

Log in to the management console.
Click in the upper left corner of the management console and select a region or project.
In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
(Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
In the navigation pane on the left, choose Access Control. Click the Internet Borders or Inter-VPC Borders tab.
In the row of a rule, click Edit in the Operation column.
In the displayed Edit Rule dialog box, modify the rule parameters.
Click OK.

Log in to the management console.
Click in the upper left corner of the management console and select a region or project.
In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
(Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
In the navigation pane on the left, choose Access Control. Click the Internet Borders or Inter-VPC Borders tab.
In the row of a rule, choose More > Copy in the Operation column.
Modify parameters and click OK. The default priority of the new protection rule is 1 (highest priority).

Deleted rules cannot be restored. Exercise caution when performing this operation.

Log in to the management console.
Click in the upper left corner of the management console and select a region or project.
In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
(Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
In the navigation pane on the left, choose Access Control. Click the Internet Borders or Inter-VPC Borders tab.
In the row of a rule, choose More > Delete in the Operation column.
In the Delete Rule dialog box, enter DELETE and click OK.