Variables
Variables belong to one of the following categories:
- Default Variables
-
Variables provided by the system. You cannot rename or delete a default variable, and you cannot change its default value. However, you can create a customized version of a default variable.
- Customized Variables
-
Variables you create. These variables can include:
-
customized default variables
When you edit the value for a default variable, the system moves the variable from the Default Variables area to the Customized Variables area. Because variable values in the default set determine the default values of variables in custom sets, customizing a default variable in the default set modifies the default value of the variable in all other sets.
-
user-defined variables
You can add and delete your own variables, customize their values within different variable sets, and reset customized variables to their default values. When you reset a user-defined variable, it remains in the Customized Variables area.
User-defined variables can be one of the following types:
-
network variables specify the IP addresses of hosts in your network traffic.
-
port variables specify TCP or UDP ports in network traffic, including the value
any
for either type.
-
For example, if you create custom standard text rules, you might also want to add your own user-defined variables to more accurately reflect your traffic or as shortcuts to simplify the rule creation process. Alternatively, if you create a rule that you want to inspect traffic in the “demilitarized zone” (or DMZ) only, you can create a variable named
$DMZ
whose value lists the server IP addresses that are exposed. You can then use the$DMZ
variable in any rule written for this zone. -
- Advanced Variables
-
Variables provided by the system under specific conditions. These variables have a very limited deployment.