Network and Port Rules
Use the following syntax to configure Nessus network scanning rules:
The address/netmask is in CIDR notation.
For example, based on the following rule, you cannot scan any IP address in the /24 (standard class C) network:
Similarly, based on the following rule, you can scan any IP address in the /8 (standard class A) network:
You can also allow or deny specific ports or a port range. For example, to forbid connecting to port 80 for 10.0.0.1, enter the following rule:
Similarly, to allow connecting to ports 8000-10000 for any host in the 192.168.0.0/24 subnet, enter the following rule:
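To check what a set of rules permits before relying on it, the following added example (not part of the Nessus documentation or product) parses rule lines and reports the decision for a given host and port. It assumes each rule has the form `accept|reject address/netmask[:ports]`, that `#` starts a comment, that the first matching rule wins, and that unmatched targets fall back to a default action; the sample rules are constructed from the addresses mentioned above.

```python
import ipaddress

# Constructed sample rules. The third rule is added for illustration so that,
# under the first-match assumption, only ports 8000-10000 stay reachable
# in 192.168.0.0/24.
RULES_TEXT = """
# constructed sample rules
reject 10.0.0.1:80
accept 192.168.0.0/24:8000-10000
reject 192.168.0.0/24
"""

def parse_rule(line):
    """Parse one 'accept|reject address/netmask[:ports]' line (IPv4 only)."""
    action, _, target = line.strip().partition(" ")
    if action not in ("accept", "reject"):
        raise ValueError(f"unknown action in rule: {line!r}")
    addr, _, ports = target.strip().partition(":")
    # A bare address such as 10.0.0.1 becomes a /32 network.
    net = ipaddress.ip_network(addr, strict=False)
    if ports:
        lo_s, _, hi_s = ports.partition("-")
        lo = int(lo_s)
        hi = int(hi_s) if hi_s else lo
    else:
        lo, hi = 0, 65535  # no port part: the rule covers every port
    if not 0 <= lo <= hi <= 65535:
        raise ValueError(f"bad port range in rule: {line!r}")
    return action, net, lo, hi

def load_rules(text):
    """Parse all rule lines, skipping blank lines and '#' comments."""
    lines = (l.strip() for l in text.splitlines())
    return [parse_rule(l) for l in lines if l and not l.startswith("#")]

def decide(rules, host, port, default="accept"):
    """Return the action of the first rule matching host:port (assumed order)."""
    ip = ipaddress.ip_address(host)
    for action, net, lo, hi in rules:
        if ip in net and lo <= port <= hi:
            return action
    return default

RULES = load_rules(RULES_TEXT)

if __name__ == "__main__":
    for host, port in [("10.0.0.1", 80), ("192.168.0.17", 8080), ("192.168.0.17", 22)]:
        print(f"{host}:{port} -> {decide(RULES, host, port)}")
```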