order for rules/policies

Status
Not open for further replies.

darahw

Technical User
Feb 27, 2003
74
US
Hello

I am configuring my first Check Point firewall (NG).

Could someone please tell me the correct order for the policies? I am setting up policies to block AOL-IM, Yahoo IM, and MSN-IM, and I have 2 rules for each. Do I need to keep the domain rules together and the predefined protocols together? Or can I list the 2 AOL rules, and then the 2 Yahoo rules, and the 2 MSN rules?

What is the proper way to do this?

Thanks in advance!
 
The order of these rules is not that important as long as they are between the stealth rule (no traffic to the firewall) and the catch-all rule (any - any - any - drop - log).
If the rules don't interfere with each other, i.e. one negates another, the best solution is for ease of reading for yourself.
The only other reason for a specific order is performance: put the most commonly used rules towards the top of your rulebase, as cpfw1 reads until it finds a rule that specifically allows or drops, then doesn't continue down the rules.
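
The first-match behaviour described in the reply above, as an added example that is not part of the original thread: a toy Python model (not Check Point's engine; every rule, object and service name is constructed) showing that grouping the IM rules by vendor or by type gives the same verdicts, while a broad accept rule placed above them shadows them.

```python
# Added example: a toy first-match rulebase, not Check Point's real engine.
# All object and service names below are constructed for illustration.
from collections import namedtuple

Rule = namedtuple("Rule", "name src dst service action")
ANY = "any"

def covers(a, b):
    """True when rule field a matches everything that field b matches."""
    return a == ANY or a == b

def rule_covers(earlier, later):
    # Full coverage only; partial overlaps between groups are not modelled.
    return all(covers(getattr(earlier, f), getattr(later, f))
               for f in ("src", "dst", "service"))

def first_match(rulebase, src, dst, service):
    """Walk top-down and stop at the first matching rule (1-based position)."""
    probe = Rule("packet", src, dst, service, None)
    for pos, rule in enumerate(rulebase, 1):
        if rule_covers(rule, probe):
            return pos, rule.name, rule.action
    return None, None, "drop"  # assumption: nothing matched means drop

def shadowed(rulebase):
    """(rule, earlier rule) pairs where the later rule can never be reached."""
    hits = []
    for i, later in enumerate(rulebase):
        for earlier in rulebase[:i]:
            if rule_covers(earlier, later):
                hits.append((later.name, earlier.name))
                break
    return hits

STEALTH = Rule("stealth", ANY, "firewall", ANY, "drop")
CLEANUP = Rule("cleanup", ANY, ANY, ANY, "drop")
IM = [Rule("aol-domain", "lan", "aol_servers", ANY, "drop"),
      Rule("aol-proto", "lan", ANY, "aim", "drop"),
      Rule("yahoo-domain", "lan", "yahoo_servers", ANY, "drop"),
      Rule("yahoo-proto", "lan", ANY, "ymsg", "drop")]
WEB = Rule("web-out", "lan", ANY, "http", "accept")

grouped_by_vendor = [STEALTH, *IM, WEB, CLEANUP]
grouped_by_type = [STEALTH, IM[0], IM[2], IM[1], IM[3], WEB, CLEANUP]
broad_rule_first = [STEALTH, Rule("lan-out", "lan", ANY, ANY, "accept"), *IM, WEB, CLEANUP]

if __name__ == "__main__":
    for rb in (grouped_by_vendor, grouped_by_type, broad_rule_first):
        print(first_match(rb, "lan", "aol_servers", "aim"), shadowed(rb))
```

Running `shadowed()` over an exported rulebase before installing policy is a quick way to catch a rule that negates the ones below it.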