The Firewall Incoming feature is used for two primary purposes:

• To allow external (Internet) connections to your ClearOS system
• To permanently block a particular IP address or entire networks from accessing ClearOS

This feature is part of the core system and installed by default.

You can find this feature in the menu system at the following location:

<navigation>Network|Firewall|Incoming</navigation>

When the firewall is enabled on your ClearOS system, the default behavior is to block all external (Internet) traffic. If you plan on running services on your ClearOS system that can be accessible from the Internet, then you will need to add the firewall policy to do so. For example, the OpenVPN server requires UDP port 1194 to be open on the firewall.

You can also open up ports to allow for remote management of your ClearOS system. For example, you can open up TCP port 81 to give access to Webconfig.

There are three ways to add an incoming firewall rule:

• select a standard service in the Standard Services drop down
• input a protocol and single port number in the Port Number box.
• input a protocol and multiple consecutive ports in a port range in the Port Range box.

search?q=clearos%2C%20clearos%20content%2C%20Incoming%20Firewall%2C%20app-incoming_firewall%2C%20clearos5%2C%20userguide%2C%20categorynetwork%2C%20subcategoryfirewall%2C%20maintainer_dloper&amp;btnI=lucky