Manual Chapter : Address and Port Lists

Applies To:

Show Versions Show Versions

BIG-IP AFM

  • 14.1.2, 14.1.0
Manual Chapter

Address and Port Lists

About AFM address and port lists

AFM Network Firewall uses Address and Port lists to collect multiple IP addresses and service ports in single configuration objects. Firewall policies are then configured to reference the appropriate address and port list. While you can create firewall policies that contain many individual IP address and service port entries, F5 recommends creating and associating address and port lists with your firewall policies to simplify administration.

  • Address lists - a configuration object containing multiple IP addresses.

  • Port lists - a configuration object containing multiple service ports.

Your firewall policy workflow should begin with creating address and port lists.

Creating an address List

You can create an address list containing IP addresses, fully qualified domain names or geographic locations. The address list will be used later when modifying or creating a new rule list.
  1. On the Main tab, click Shared Objects > Address Lists .
  2. Click Create.
  3. In the Name and Description fields, type a name and description.
  4. In the Addresses field, type an IPv4 or IPv6 IP address, a fully qualified domain name or a geographical location.
  5. Click Add.
  6. Repeat steps 4 and 5 to continue adding Addresses to the Address List.
  7. Click Finish, or Repeat to create another shared Address List.
The new address list appears in the Address Lists area.
Next, you can create a port list to allow or deny specific application services.

Creating a port List

You can create a port list that contains one or more service ports. The new port list can be referenced later when modifying or creating a rule list.
  1. On the Main tab, click Shared Objects > Port Lists .
  2. Click Create.
  3. In the Name and Description fields, type a name and optional description.
  4. In the Ports field, type the service port number. For example, 22 for the SSH service.
  5. Click the Add button.
  6. Repeat steps 4 and 5 to continue adding Ports to the Port List.
  7. Click Finished, or Repeat to create another shared Port List.
The new port list appears in Port Lists area.
Next, you can create a firewall schedule to enable firewall rules during certain hours of the day or days of the week.