A rule set configuration file contains firewall rules and describes each rule's relationship with ports and protocols. The rule set configuration file can contain rule sets for multiple services.

Rule set configuration files are located in the /etc/vmware/firewall/ directory. To add a service to the host security profile, VMware partners can create a VIB that contains the port rules for the service in a configuration file. VIB authoring tools are available to VMware partners only.

Each set of rules for a service in the rule set configuration file contains the following information.

A numeric identifier for the service, if the configuration file contains more than one service.

A unique identifier for the rule set, usually the name of the service.

For each rule, the file contains one or more port rules, each with a definition for direction, protocol, port type, and port number or range of port numbers.

An indication of whether the service is enabled or disabled when the rule set is applied.

An indication of whether the rule set is required and cannot be disabled.

<ConfigRoot> 
<service id='0000'> 
 <id>serviceName</id>
  <rule id = '0000'> 
   <direction>inbound</direction>
   <protocol>tcp</protocol>
   <porttype>dst</porttype> 
   <port>80</port>
  </rule> 
  <rule id='0001'>
   <direction>inbound</direction>
   <protocol>tcp</protocol>
   <porttype>src</porttype> 
   <port>
    <begin>1020</begin> 
    <end>1050</end>
   </port>
 </rule>
 <enabled>true</enabled>
	<required>false</required> 
</service>
</ConfigRoot>