Editing Apps Rules

Select an app and click the magnifier button to open the editing popover view.
This view shows two columns containing allowed and blocked items.
Items can be:

• group Everyone (includes the whole IPv4 and IPv6 address spaces)
• IPv4 addresses
• IPv6 addresses
• hostnames (for each valid hostname one or more IP addresses may be added, and each one of these addresses may reverse to a different hostname)
• IPv4 subnets (CIDR format like 192.168.0.0/24)
• ports
• ports ranges (for example: 2000:3000)

Addresses can be displayed as plain addresses or hostnames when available. Select the gear button in edit popover view and check/uncheck the option. Items order does not matter. Items cannot be reordered.
Passed and Blocked items cannot overlap. For example you can’t add a blocked port belonging to an already assigned passed port range. In case of error (or typo) a yellow caution icon will be displayed.

Each packet is checked for matching an app rule. Items are checked with this order:

• IP addresses (including hostnames)
• Subnets
• Ports
• Ports Ranges

The first item that matched a rule is the item that wins. Blocked items override passed items.

Examples:
if a packet matches a passed IP address and a blocked port, the packet will pass.
If the packet matches a blocked IP address and a passed subnet, it will be blocked.
If the packet matches a passed subnet and a blocked ports range, it will pass.
If the packet matches a blocked port and a passed ports range, it will be blocked.
In case a packet matches both a passed and a blocked subnets, packet will be blocked.

Click “+” and “-“ buttons on top of each column to add or remove records.
From the adding panel you can also add the “Everyone” group clicking the group button or typing “everyone”.
Adding and removing items automatically affects app status. For example adding group Everyone to a mixed state app will change its status and disable notifications for that app.
Changes are activated immediately.