Kirti,

Here are a few examples of filters I have needed. If you have HARM loaded, just cut and paste them into new filters and that way you have them saved. I'll forward you on a complete list of filter commands in a bit.

Allows HTTP, SSL and FTP to specified IP address. ICMP as well.

#filter 1
IP:
010 ACCEPT tcp-dst-port = 80;
020 ACCEPT tcp-dst-port = 443;
030 ACCEPT tcp-dst-port = 20;
040 ACCEPT tcp-dst-port = 21;
050 REJECT dst-addr != 192.85.133.35;
060 ACCEPT icmp-type = 0;
070 DENY;

Reverse filter. Note the ! sign.

#filter 2
IP:
010 REJECT dst-addr != 10.86.100.53;
020 DENY;

Multiple servers / multiple ports using AND/ACCEPT pair.

#filter 3
IP:
# permit access SERVER1
010 AND tcp-dst-port = 30016;
020 ACCEPT dst-addr = 10.86.100.100/32;
# permit access SERVER2
030 AND tcp-dst-port = 30020;
040 ACCEPT dst-addr = 10.86.100.101/32;
# permit access SERVER3
050 AND tcp-dst-port = 30024;
060 ACCEPT dst-addr = 10.86.100.102/32;
# permit access SERVER4
070 AND tcp-dst-port = 30014;
080 ACCEPT dst-addr = 10.86.100.103/32;
# permit access SERVER5
090 AND tcp-dst-port = 30012;
100 ACCEPT dst-addr = 10.86.100.104/32;
# permit access SERVER6
110 AND tcp-dst-port = 30018;
120 ACCEPT dst-addr = 10.86.100.105/32;
# permit access SERVER7
130 AND tcp-dst-port = 30026;
140 ACCEPT dst-addr = 10.86.100.106/32;
150 AND tcp-dst-port >= 20;
160 ACCEPT tcp-dst-port <= 21;
170 ACCEPT tcp-dst-port = 7;
180 DENY;