D-Link DFL-260E User Manual page 87

3.2.2. Creating Custom Services
Let us now take a closer look at TCP/UDP services.
TCP and UDP Based Services
Most applications use TCP and/or UDP as transport protocol for transferring data over IP networks.
Transmission Control Protocol (TCP) is a connection-oriented protocol that includes mechanisms
for reliable point to point transmission of data. TCP is used by many common applications where
error-free transfers are mandatory, such as HTTP, FTP and SMTP.
UDP Orientated Applications
For applications where data delivery speed is of greatest importance, for example with streaming
audio and video, the User Datagram Protocol (UDP) is the preferred protocol. UDP is
connectionless, provides minimal transmission error recovery, and has a much lower overhead when
compared with TCP. Due to the lower overhead, UDP is also used for some non-streaming services
and in those cases the applications themselves must provide any error recovery mechanisms.
TCP and UDP Service Definition
To define a TCP or UDP based protocol to NetDefendOS, a TCP/UDP service object is used. Apart
from a unique name describing the service, the object contains information about what protocol
(TCP, UDP or both) and what source and destination ports are applicable for the service.
Specifying Port Numbers
Port numbers are specified with all types of services and it is useful to understand how these can be
entered in user interfaces. They can be specified for both the Source Port and/or the Destination
Port of a service in the following ways:
Single Port
Port Ranges
Multiple Ports and Port Ranges
For many services, a single destination port is sufficient. For
example, HTTP usually uses destination port 80. The SMTP
protocol uses port 25 and so on. For these types of service,
the single port number is simply specified in the service
definition as a single number.
Some services use a range of destination ports. As an
example, the NetBIOS protocol used by Microsoft
Windows™ uses destination ports 137 to 139.
To define a range of ports in a TCP/UDP service object, the
format mmm-nnn is used. A port range is inclusive, meaning
that a range specified as 137-139 covers ports 137, 138 and
139.
Multiple ranges or individual ports may also be entered,
separated by commas. This provides the ability to cover a
wide range of ports using only a single TCP/UDP service
object.
For example, all Microsoft Windows networking can be
covered using a port definition specified as 135-139,445.
HTTP and HTTPS can be covered by specifying destination
ports 80,443.
87
Chapter 3. Fundamentals