Creating a Service List

Create a list of services you can use to build rules in a Network Firewall policy.

Before you can create a service list in a policy, you must first create a policy.

Create service lists to allow or deny traffic to a group of services. A service is identified by a signature based on the ports it uses. Layer 4 inspection is used to identify matching services. You can create a maximum of 2,000 service lists in a policy. A service list can contain a maximum of 200 services. See Creating Network Firewall Policy Components for more information.

You can create service lists one at a time using the following instructions, or you can import many at once using a .json file. See Bulk Importing Network Firewall Policy Components more information.

    1. Open the navigation menu and click Identity & Security. Under Firewalls, click Network Firewall Policies.
    2. Click on a policy in the list.
    3. In Policy resources, click on Service lists.
    4. Click Create service list.
    5. Enter a friendly name for the service list. Avoid entering confidential information.
    6. (Optional) If you haven't created any services to use in the list, click Create service. Follow the instructions in Creating a Service to create some services to use in the list.
    7. In the Available services list, select the services you want to include in the service list. Click Add to selected.
    8. (Optional) In the Selected services list, select any services you want to remove from the service list. Click Remove from selected.
    9. When you've included all the desired services in the Selected services list, click Create service list.
  • Use the network-firewall service-list create command and required parameters to create a service:

    oci network-firewall service-list create 
    --network-firewall-policy-id network firewall policy OCID --compartment-id compartment OCID
    --total-services integer--services '["service_1", "service_2"]'[OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the CreateServiceList operation to create a service list.