Blocking External Sites - Watchguard SOHO User Manual

3 Beneath the Protocol Settings fields, select either TCP Port,
UDP Port or Protocol from the drop list.
The Custom Service page refreshes.
4 Define a name for the service in the appropriate field.
5 Enter the protocol number to allow in the Protocol field.
Now that you have created a custom service, you will need to
specify a filter rule as well as define the incoming and outgoing
properties.
6 At the Incoming and Outgoing Filter drop lists, select either
Allow or Deny.
7 Select either Host IP Address, Network IP Address, or Host
Range from the appropriate drop list.
The configuration page refreshes.
8 Enter either a single host IP address, a network IP address, or a
the start and end of a range of host IP addresses for this custom
service in the appropriate fields.
9 Click the Add button.
Repeat the last three steps until all the appropriate address information
for this custom service appears in the appropriate fields.
10 Click the Submit button.

Blocking External Sites

By default, the security stance of the SOHO is to deny all incoming
packets from the Internet to computers on the trusted network
protected by the SOHO firewall. However, if a user initiates
contact with an external site, the return traffic will be allowed
through the firewall. You can selectively close your network to
certain Internet sites entirely.
User Guide 5.0
Blocking External Sites
67