Adding a User-defined Service Group
A service group is a collection of services (protocols, source ports, and destination ports). A service group frees you from repeatedly modifying access rules and simplifies security group rule management.
Constraints
- A service group can have up to 64 services.
- A firewall instance can have up to 512 service groups.
- A firewall instance can have up to 900 services.
Adding a User-defined Service Group
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- In the navigation pane on the left, click and choose . The Dashboard page will be displayed.
- (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click View in the Operation column of a firewall to go to its details page.
- In the navigation pane, choose .
- Click the Service Groups tab. Click Add Service Group and configure parameters in the Add Service Group area. Enter the service group name and description.
Table 1 Service group parameters Parameter
Description
Service Group Name
Name of a service group
Description
Usage and application scenario
Services
- Protocol: Select a protocol. Supported protocols include TCP, UDP, and ICMP.
- Source Port: Set the source port to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443).
- Destination Port: Set the destination port to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443).
- Description: Usage and application scenario of the service group
- Confirm the information and click OK.
Adding a Service to a User-defined Service Group
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- In the navigation pane on the left, click and choose . The Dashboard page will be displayed.
- (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click View in the Operation column of a firewall to go to its details page.
- In the navigation pane, choose .
- Click the Service Groups tab. Click the name of a service group. The Service Group Details dialog box is displayed..
- Click Add Service.
Table 2 Adding a service Parameter
Description
Example Value
Protocol
Its value can be TCP, UDP, or ICMP.
TCP
Source Port
Source ports to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443).
NOTE:If Protocol is set to ICMP, you do not need to specify any port number.
80
Destination Port
Destination ports to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443).
NOTE:If Protocol is set to ICMP, you do not need to specify any port number.
80
Description
Usage and application scenario
-
- You can click Add to add multiple services.
- Confirm the information and click OK.
Related Operations
- Exporting service groups: Click Export above the list and select a data range.
- Deleting services in batches: On the Service Groups tab, select services and click Delete above the list.
Follow-up Operations
A service group takes effect only after it is set in a protection rule. For more information, see Adding Protection Rules to Block or Allow Traffic.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.