Create a Service

Create a service that you can include in an application list. Use services and service lists to build rules in a firewall policy.

A service is identified by a signature based on the ports it uses. Layer 4 inspection is used to identify matching services. Each policy can have a maximum of 1,900 services.

You can create services one at a time using the following instructions, or you can import many at once using a .json file. See Bulk Import Firewall Policy Components for more information.

After you create services, you can add them to a service list in the policy. You can't add services from one policy to a list in a different policy. The service must be created within each policy you want to use it in.

Important

Some names are reserved by Palo Alto Networks® and can't be used.
    1. On the navigation menu, select Identity & Security. Go to Firewalls, select Network Firewall Policies.
    2. Select the policy.
    3. Under Policy resources, select Services.
    4. Select Create service.
    5. Enter the information for the service:
      • Name: Enter a name.
      • Protocol: Select TCP or UDP as the protocol to define the service.
      • Port range: Enter a port number or range. For example, "80-8080", "22-22".
    6. Select Create service.
  • Use the network-firewall service create command and required parameters to create a service:

    oci network-firewall service create \
    --network-firewall-policy-id <network firewall policy OCID> --compartment-id <compartment OCID> [OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the CreateService operation to create a service.
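
The following pre-flight check is an added example, not Oracle's code and not part of the original page. It validates a list of service definitions against the rules stated above (TCP or UDP, a port number or range, at most 1,900 services per policy) and warns about wide ranges such as "80-8080", which covers every port from 80 through 8080. The key names `name`, `protocol` and `port_range`, the 1-65535 port bounds, the name-uniqueness check and the `WIDE_RANGE` threshold are assumptions of this example, not the bulk-import .json schema or documented service limits.

```python
import re

MAX_SERVICES_PER_POLICY = 1900   # limit stated on this page
PROTOCOLS = {"TCP", "UDP"}       # protocols offered on this page
WIDE_RANGE = 1024                # assumed review threshold, not an OCI limit
_PORT_RE = re.compile(r"^(\d{1,5})(?:-(\d{1,5}))?$")

def parse_port_range(text):
    """Return (low, high) for '22', '22-22' or '80-8080'; raise ValueError otherwise."""
    m = _PORT_RE.match(text.strip())
    if not m:
        raise ValueError(f"not a port or port range: {text!r}")
    low, high = int(m.group(1)), int(m.group(2) or m.group(1))
    if not (1 <= low <= high <= 65535):   # assumed bounds: 1-65535, low <= high
        raise ValueError(f"port range out of order or out of bounds: {text!r}")
    return low, high

def lint_services(services):
    """Return (errors, warnings) for the service definitions of one policy."""
    errors, warnings, seen = [], [], set()
    if len(services) > MAX_SERVICES_PER_POLICY:
        errors.append(f"{len(services)} services exceeds {MAX_SERVICES_PER_POLICY} per policy")
    for i, svc in enumerate(services):
        name = str(svc.get("name", "")).strip()
        label = name or f"#{i}"
        if not name:
            errors.append(f"{label}: missing name")
        elif name in seen:
            errors.append(f"{label}: duplicate name")   # assumed: names unique per policy
        seen.add(name)
        if str(svc.get("protocol", "")).upper() not in PROTOCOLS:
            errors.append(f"{label}: protocol must be TCP or UDP")
        try:
            low, high = parse_port_range(str(svc.get("port_range", "")))
        except ValueError as exc:
            errors.append(f"{label}: {exc}")
            continue
        width = high - low + 1
        if width >= WIDE_RANGE:   # wide ranges deserve a least-privilege review
            warnings.append(f"{label}: range {low}-{high} covers {width} ports")
    return errors, warnings

# Constructed sample input, not taken from a real policy.
SAMPLE = [
    {"name": "ssh", "protocol": "TCP", "port_range": "22-22"},
    {"name": "web", "protocol": "TCP", "port_range": "80-8080"},
    {"name": "dns", "protocol": "ICMP", "port_range": "53"},
    {"name": "ssh", "protocol": "UDP", "port_range": "8080-80"},
]
```

Calling `lint_services(SAMPLE)` returns three errors (unsupported protocol, duplicate name, reversed range) and one warning for the 8,001-port "web" range.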