Manual Chapter : Address and Port Lists

Applies To:

Show Versions Show Versions

BIG-IP AFM

  • 14.1.0
Manual Chapter

Address and Port Lists

About AFM address and port lists

AFM Network Firewall uses Address and Port lists to collect multiple IP addresses and service ports in single configuration objects. Firewall policies are then configured to reference the appropriate address and port list. While you can create firewall policies that contain many individual IP address and service port entries, F5 recommends creating and associating address and port lists with your firewall policies to simplify administration.
  • Address lists
    - a configuration object containing multiple IP addresses.
  • Port lists
    - a configuration object containing multiple service ports.
Your firewall policy workflow should begin with creating address and port lists.

Creating an address List

You can create an address list containing IP addresses, fully qualified domain names or geographic locations. The address list will be used later when modifying or creating a new rule list.
  1. On the Main tab, click
    Shared Objects
    Address Lists
    .
  2. Click
    Create
    .
  3. In the
    Name
    and
    Description
    fields, type a name and description.
  4. In the
    Addresses
    field, type an IPv4 or IPv6 IP address, a fully qualified domain name or a geographical location.
  5. Click
    Add
    .
  6. Repeat steps 4 and 5 to continue adding
    Addresses
    to the Address List.
  7. Click
    Finish
    , or
    Repeat
    to create another shared Address List.
The new address list appears in the Address Lists area.
Next, you can create a port list to allow or deny specific application services.

Creating a port List

You can create a port list that contains one or more service ports. The new port list can be referenced later when modifying or creating a rule list.
  1. On the Main tab, click
    Shared Objects
    Port Lists
    .
  2. Click
    Create
    .
  3. In the
    Name
    and
    Description
    fields, type a name and optional description.
  4. In the
    Ports
    field, type the service port number. For example, 22 for the SSH service.
  5. Click the
    Add
    button.
  6. Repeat steps 4 and 5 to continue adding
    Ports
    to the Port List.
  7. Click
    Finished
    , or
    Repeat
    to create another shared Port List.
The new port list appears in Port Lists area.
Next, you can create a firewall schedule to enable firewall rules during certain hours of the day or days of the week.