There are a few considerations which need to be taken into account:
The first line contains the version format in use - "#VERSION=2"
Rules are applied in the sequential order they appear, meaning the first matching rule will be applied.
Each line represents a rule - a rule cannot be split in multiple different lines.
Multiple parameter values are separated by a comma (,)
Default configurations are considered safe (but not highly restrictive), though these will not allow any integration with other external systems. A wide open insecure configuration will contain wildcard perit statements like "P TP=* HOST=*" - in such cases all alarm bells should be ringing and this needs to be rectified as soon as possible.
In a simplistic scenario you will know the systems with which the you AS ABAP system is communicating and will be able to explicitly add those to the reginfo and secinfo ACLs. In order to do that you will need a basic understanding of the different rule parameters and syntax.
Reginfo
Rule syntax: TP= [HOST=,...] [NO=] [ACCESS=] [CANCEL=]
TP - the registration identifier of the external program.
HOST - the hostname(s) from which the external programs are allowed to logon from. The keyword "local" means programs from the current host of the system (the same server on which the NetWeaver server is running right now) can connect to the Gateway. The keyword "internal" means programs that are running on any host of the current SAP system can connect to the Gateway. You can also enter either DNS names or IPs and use wildcards with those e.g. "*.mycorp.com" or "10.10.10.*"
NO - defines the number of registrations allowed by this particular rule.
ACCESS - defines the hostnames permitted to use the registered program.
CANCEL - defines a list of hostnames that can cancel the registration
Secinfo
Rule syntax: TP=<tp>, USER=<user>, HOST=<host>, [USER-HOST=<user_host>]
TP - the registration identifier of the external program.
USER - user name allowed to start the program
HOST - hostname(s) where the program can be started. The keywords "local" and "internal" have the same meaning as in the reginfo specification.
USER-HOST - a list of hostnames from where the users can start the program.
In a realistic scenario there will be dozens of integrations and the system would be running for quite some time already. Doing direct changes to a production system may yield a lot of trouble and service downtimes. Therefore, it is recommended first switch on the Gateway logging and identify all programs and servers which already connect to the system. On the basis of a continuous logging, a restrictive system list can be created and applied as reginfo and secinfo ACLs.
In order to switch on the Logging go back to SMGW and navigate to Goto --> Expert Functions --> Logging.