About the firewall rule, firewall setting, and intrusion prevention processing order
Article: HOWTO54968 | Created: 2011-06-29 | Updated: 2011-12-20 | Article URL: http://www.symantec.com/docs/HOWTO54968
Firewall rules are ordered sequentially, from highest to lowest priority, or from the top to bottom in the rules list. If the first rule does not specify how to handle a packet, the firewall inspects the second rule. This process continues until the firewall finds a match. After the firewall finds a match, the firewall takes the action that the rule specifies. Subsequent lower priority rules are not inspected. For example, if a rule that blocks all traffic is listed first, followed by a rule that allows all traffic, the client blocks all traffic.
You can order rules according to exclusivity. The most restrictive rules are evaluated first, and the most general rules are evaluated last. For example, you should place the rules that block traffic near the top of the rules list. The rules that are lower in the list might allow the traffic.
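The first-match evaluation described above, as an added example (not Symantec's code or rule format): a simplified Python model that evaluates a rule list top to bottom and reports rules that an earlier, broader rule makes unreachable. The `Rule` fields, the rule names and the sample address are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                  # "allow" or "block"
    remote: str = "0.0.0.0/0"    # remote network in CIDR form
    proto: Optional[str] = None  # None means any protocol
    port: Optional[int] = None   # None means any destination port

    def matches(self, remote_ip, proto, port):
        return (ip_address(remote_ip) in ip_network(self.remote)
                and self.proto in (None, proto)
                and self.port in (None, port))

    def covers(self, other):
        """True if every packet that matches `other` also matches self."""
        return (ip_network(other.remote).subnet_of(ip_network(self.remote))
                and self.proto in (None, other.proto)
                and self.port in (None, other.port))

def evaluate(rules, remote_ip, proto, port):
    """Return the first matching rule; lower-priority rules are not inspected."""
    for rule in rules:
        if rule.matches(remote_ip, proto, port):
            return rule
    return None  # no rule matched; this model defines no default action

def shadowed(rules):
    """Pairwise check: (rule, earlier_rule) where the earlier rule covers it."""
    found = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if earlier.covers(rule):
                found.append((rule.name, earlier.name))
                break
    return found

# Constructed sample rule lists
PAGE_EXAMPLE = [Rule("block-all", "block"), Rule("allow-all", "allow")]
BAD_ORDER = [Rule("allow-all", "allow"), Rule("block-telnet", "block", proto="tcp", port=23)]
GOOD_ORDER = list(reversed(BAD_ORDER))

if __name__ == "__main__":
    for label, rules in (("bad", BAD_ORDER), ("good", GOOD_ORDER)):
        hit = evaluate(rules, "203.0.113.7", "tcp", 23)
        print(label, hit.action, "via", hit.name, "shadowed:", shadowed(rules))
```

A non-empty result from `shadowed` means a rule in the list can never take effect, which is the ordering mistake the restrictive-first guidance is meant to prevent.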
See How a firewall works.