Request:
More flexible field for entering ports in firewall rule settings:
allow >1 port numbers in port fields, e.g. “21, 23, 1200-1800”
Reason:
Sometimes it’s useful to create a rule for a few ports. It can currently be achieved, but in a complicated way: one must define port set and then select the named set in rule settings. It is complicated and usually not necessary - most often the required ports change from program to program, so explicit defining a set is an overkill. Another option is making one rule for port - but this gets messy for more than 2-3 ports.
Example scenario:
user defines a rule for software X
user knows that this software uses ports 21, 23, 1200-1800
user can enter these ports straight to an textbox in rule edit window: “21, 23, 1200-1800”
proper rule is created
Additional info:
This is a common way of entering set of numbers - see e.g. defining pages to print in Office and Acrobat Reader, or defining ports in competition firewalls. This should not be very complicated to develop and would help more power users in quick defining of required rules, especially when combined with my previous request (“allow editing of rule created from alert window, if ‘remember’ was checked”).
I don’t see why NOT creating a Port Set is more complicated, you can add first 21, than 23 and than 1200-1400 to a zone! If a set of ports is used is rules of several apllications, changing the defined zone will do the trick for all applications, without me having to go through the whole database of rules… There for minus one!
I think an important point was, that it’s actually often enough the case that such port sets are created for only one application. So, to reformulate the request: “Anonymous” (=without a name) port sets should be possible [if one wants: one for each program]. The named port sets are only really useful when using them in multiple rules.