Create a Service List
Create a list of services you can use to build rules in a firewall policy.
Create service lists to allow or deny traffic to a group of services. A service is identified by a signature based on the ports it uses. Layer 4 inspection is used to identify matching services. You can create a maximum of 2,000 service lists in a policy. A service list can contain a maximum of 200 services.
To import multiple service lists using a .json
file, see Bulk Import Firewall Policy Components.
Important
Some names are reserved by Palo Alto Networks® and can't be used.
Some names are reserved by Palo Alto Networks® and can't be used.
- Select the policy.
- Under Policy resources, select Service lists.
- Select Create service list.
- Enter a name.
- (Optional) If you haven't created any services to use in the list, select Create service. Follow the instructions in Create a Service to create some services to use in the list.
- In the Available services list, select the services you want to include in the service list. Select Add to selected.
- (Optional) In the Selected services list, select any services you want to remove from the service list. Select Remove from selected.
- When you've included all the services in the Selected services list, select Create service list.
Use the network-firewall service-list create command and required parameters to create a service:
oci network-firewall service-list create --network-firewall-policy-id network firewall policy OCID --compartment-id compartment OCID --total-services integer--services '["service_1", "service_2"]'[OPTIONS]
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the CreateServiceList operation to create a service list.