Would like to inquire
What should I set for the rule's Protocol, if I would like to monitor the internet traffic only?
Is it TCP/UDP or Ipv4 protocols?
And what is the difference between them if possible.
This also depends on what you define as Internet traffic Basically TCP/UDP covers most practical purposes, however this also leaves ICMP out. This means users will be able to ping Internet hosts freely, while their downloads will be restricted according to the rules that you will create.
For most networks either choice will do. I recommend to create rules that apply on all IPv4 based protocols. In order to illustrate the answer, there is the protocol stack. As you can see, if you create a rule that applies on the IPv4 level, it will capture anything above it. If you create a TCP/UDP based rule, it will capture only these protocols above IPv4.
Thanks for the fast reply. Sorry but I'm not very familiar with the protocols and I've long forgotten the details about the stacks : P
When refering to internet traffic, I would like to monitor the traffic specifically for the internet only, web browsing, internet dowload and etc that is going through my host box, and to the clients.
I'm concerned that, for the local traffics - LAN communications, e.g. My client accessing my host for some server application. Does the LAN communication itself use IPv4 or TCP/UDP communication protocols?