Allows a named source access to a named service.
An external interface. The name is the real name of the interface.
A reference to a named network.
A network is a named ip-address or ip-range.
A port number can either be a positive integer, like '22' for ssh or '80' for www, but also a name of a service, like 'ssh' or 'sunrpc'. If a service name is used, the system must be able to translate the string into a positive integer.
See http://en.wikipedia.org/wiki/TCP_and_UDP_port for information on ports.
A service is a named collection of ports, related to a service. A port can, for this setup, be a member in more than one service, but usually this is not the case. Usually there's one port associated with a single service. To distinguish this named service from services as used to represent ports, please start the name with an upper case character, for instance 'WWW' for the service and 'www' for the port or 'Telnet' for the service and 'telnet' for port 23. For service 'WWW' you could associate both ports 80 ('www') and 443 ('https').
A named collection of networks.