In Internet terminology, a service is a combination of a name, a protocol (TCP, UDP or ICMP) and a port number. Services are used to identify different kinds of traffic. In Network Control configuration the Service concept is slightly extended.
- DEFINING A SERVICE
A Service can be defined by one or more port numbers. Those port numbers can be given as a combination of individual and comma separated port numbers and port ranges. A port range is specified by two numbers separated by a hyphen (-). Ranges are inclusive in both ends.
The primary use for the Service definition is for matching access rights rules like Computer Rights or User Rights. Each IP packet belongs to one protocol (TCP, UDP, ICMP …). TCP and UDP packets will also use a single port number; the other protocols are implicitly associated with port number 0. An IP packet is said to match a service if the protocol is equal and if the port number of the packet is included in the list of individual port number and ranges specified in the Services settings.
Please note that if different Service definitions overlap, the matching behavior is undefined.