Creating a Service

Create a service that you can include in an application list. Use services and service lists to build rules in a Network Firewall policy.

Before you can create a service in a policy, you must first create a policy.
A service is identified by a signature based on the ports it uses. Layer 4 inspection is used to identify matching services. Each policy can have a maximum of 1,900 services. The following parameters are used to define a service:
  • Name: A unique name you define for the application.
  • Protocol: Choose TCP or UDP.
  • Port Number:Enter a port number or range. For example, "1433", "80-8080", "22-22". Each service can contain a max of 10 port ranges.
See Creating Network Firewall Policy Components for more information.

You can create services one at a time using the following instructions, or you can import many at once using a .json file. See Bulk Importing Network Firewall Policy Components more information.

After you create services, you can add them to a service list in the policy. You can't add services from one policy to a list in a different policy. The service must be created within each policy you want to use it in.

    1. Open the navigation menu and click Identity & Security. Under Firewalls, click Network Firewall Policies.
    2. Click a policy in the list.
    3. In Policy resources, click Services.
    4. Click Create service.
    5. Enter the information for the service:
      • Name: Enter a friendly name for the service. Avoid entering confidential information.
      • Protocol: Choose TCP or UDP as the protocol to define the service.
      • Port range: Enter a port number or range. For example, "80-8080", "22-22".
    6. Click Create service.
  • Use the network-firewall service create command and required parameters to create a service:

    oci network-firewall service create 
    --network-firewall-policy-id network firewall policy OCID --compartment-id compartment OCID[OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the CreateService operation to create a service.