Firewalls can be used to implement access control on simple application servers and define security domains in the cloud. This topic describes the port information preset by the firewall feature and how to add firewall rules for a simple application server.

Background information

By default, the firewall of each simple application server allows traffic on Secure Shell (SSH) port 22, HTTP port 80, and HTTPS port 443 and denies traffic on the other ports. You can add firewall rules to allow traffic on more ports.

Add a firewall rule

  1. Log on to the Simple Application Server console.
  2. In the left-side navigation pane, click Servers.
  3. Find the simple application server for which you want to add a firewall rule, and click the server card.
  4. In the left-side navigation pane, choose Security > Firewall.
    If you have never added firewall rules for the server, you can find only ports 22, 80, and 443 on which traffic is allowed by default on the Firewall page.
  5. On the Firewall page, click Add Rules in the upper-right corner.
  6. In the Add Firewall Rule dialog box, configure parameters such as Application Type, Protocol, and Port Range and click OK.
    The following table describes the parameters.
    Parameter Description
    Application Type
    You can select Customize from the Application Type drop-down list to customize a firewall rule, or select another value from the drop-down list to use a preset firewall rule.
    • If you use preset firewall rules, the protocols and port ranges are automatically entered and do not need to be manually specified. For more information about preset firewall rules, see Port information preset in firewalls.
    • If you want to customize one or more firewall rules, you must specify the protocols and port ranges.
    Protocol
    • When you select a preset firewall rule, a protocol is automatically entered and does not need to be manually specified.
    • When you customize a firewall rule, you must specify this parameter. Valid values: TCP and UDP.
    Port Range
    • When you select a preset firewall rule, a port range is automatically entered and does not need to be manually specified.
    • When you customize a firewall rule, you must specify this parameter. Valid values: 1 to 65535. You can use one of the following methods to set this parameter:
      • Specify a single port. For example, to allow traffic on Oracle listener port 1521, enter 1521 in the Port Range field.
      • Specify a port number range. For example, to allow traffic on ports in the range of 20000 to 30000 that you specify in the FTP configuration file, enter 20000/30000 in the Port Range field.
    Remark Enter a description for the firewall rule to facilitate subsequent management.
    You can click +Add Rules to add more rules.
    After you add firewall rules, you can view the added rules on the Firewall page, as shown in the following figure. Firewall

Port information preset in firewalls

Application type Protocol Port range Description
HTTP TCP 80 The default HTTP port.
HTTPS TCP 443 The default HTTPS port.
SSH TCP 22 The default SSH port.
FTP TCP 21 The default FTP port.
TELNET TCP 23 The default Telnet port.
MySQL TCP 3306 The default MySQL port.
All TCP TCP 1 to 65535 All TCP ports.
All UDP UDP 1 to 65535 All UDP ports.
All TCP and UDP TCP+UDP 1 to 65535 All TCP and UDP ports.
Custom TCP or UDP 1 to 65535 The custom port range.