Create a Service List

Create a list of services you can use to build rules in a firewall policy.

Create service lists to allow or deny traffic to a group of services. A service is identified by a signature based on the ports it uses. Layer 4 inspection is used to identify matching services. You can create a maximum of 2,000 service lists in a policy. A service list can contain a maximum of 200 services.

To import multiple service lists using a .json file, see Bulk Import Firewall Policy Components.

Important

Some names are reserved by Palo Alto Networks® and can't be used.

    1. On the navigation menu, select Identity & Security. Go to Firewalls, and then select Network Firewall Policies.
    2. Select the policy.
    3. Under Policy resources, select Service lists.
    4. Select Create service list.
    5. Enter a name.
    6. (Optional) If you haven't created any services to use in the list, select Create service. Follow the instructions in Create a Service to create some services to use in the list.
    7. In the Available services list, select the services you want to include in the service list. Select Add to selected.
    8. (Optional) In the Selected services list, select any services you want to remove from the service list. Select Remove from selected.
    9. When you've included all the services in the Selected services list, select Create service list.
  • Use the network-firewall service-list create command and required parameters to create a service list:

    oci network-firewall service-list create \
    --network-firewall-policy-id <network firewall policy OCID> \
    --compartment-id <compartment OCID> \
    --total-services <integer> \
    --services '["service_1", "service_2"]' [OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the CreateServiceList operation to create a service list.
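
The limit of 200 services per list can be checked before the CLI call is made. The following is an added example, not part of the original page or Oracle's tooling: a POSIX shell helper that builds the --services value and the --total-services count for the command above. The function names, the restricted character set for service names, and the rejection of empty or duplicate entries are assumptions of this example.

```sh
#!/bin/sh
# Added example: pre-flight check for the arguments of "service-list create".
MAX_SERVICES_PER_LIST=200   # limit stated on this page

# services_json NAME... -> prints '["a", "b"]'; returns 1 on invalid input.
services_json() {
    if [ "$#" -eq 0 ]; then
        # Assumption: an empty service list is treated as a mistake here.
        printf 'error: no services given\n' >&2
        return 1
    fi
    if [ "$#" -gt "$MAX_SERVICES_PER_LIST" ]; then
        printf 'error: %s services exceeds the limit of %s\n' "$#" "$MAX_SERVICES_PER_LIST" >&2
        return 1
    fi
    seen=" " out="" sep=""
    for name in "$@"; do
        case "$name" in
            # Assumption: accept only characters that need no JSON escaping.
            ""|*[!A-Za-z0-9_-]*)
                printf 'error: unsupported service name: %s\n' "$name" >&2; return 1 ;;
        esac
        case "$seen" in
            *" $name "*) printf 'error: duplicate service: %s\n' "$name" >&2; return 1 ;;
        esac
        seen="$seen$name "
        out="$out$sep\"$name\""
        sep=", "
    done
    printf '[%s]\n' "$out"
}

# service_list_args NAME... -> prints the count and JSON arguments together.
service_list_args() {
    json=$(services_json "$@") || return 1
    printf '%s %s %s %s\n' --total-services "$#" --services "'$json'"
}

# Constructed sample input using the service names from the command above.
service_list_args service_1 service_2
```
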