config application list
Configure application control lists.
```
config application list
    Description: Configure application control lists.
    edit <name>
        set comment {var-string}
        set replacemsg-group {string}
        set extended-log [enable|disable]
        set other-application-action [pass|block]
        set app-replacemsg [disable|enable]
        set other-application-log [disable|enable]
        set enforce-default-app-port [disable|enable]
        set force-inclusion-ssl-di-sigs [disable|enable]
        set unknown-application-action [pass|block]
        set unknown-application-log [disable|enable]
        set p2p-black-list {option1}, {option2}, ...
        set deep-app-inspection [disable|enable]
        set options {option1}, {option2}, ...
        config entries
            Description: Application list entries.
            edit <id>
                set risk <level1>, <level2>, ...
                set category <id1>, <id2>, ...
                set sub-category <id1>, <id2>, ...
                set application <id1>, <id2>, ...
                set protocols {user}
                set vendor {user}
                set technology {user}
                set behavior {user}
                set popularity {option1}, {option2}, ...
                set exclusion <id1>, <id2>, ...
                config parameters
                    Description: Application parameters.
                    edit <id>
                        set value {string}
                    next
                end
                set action [pass|block|...]
                set log [disable|enable]
                set log-packet [disable|enable]
                set rate-count {integer}
                set rate-duration {integer}
                set rate-mode [periodical|continuous]
                set rate-track [none|src-ip|...]
                set session-ttl {integer}
                set shaper {string}
                set shaper-reverse {string}
                set per-ip-shaper {string}
                set quarantine [none|attacker]
                set quarantine-expiry {user}
                set quarantine-log [disable|enable]
            next
        end
        set control-default-network-services [disable|enable]
        config default-network-services
            Description: Default network service entries.
            edit <id>
                set port {integer}
                set services {option1}, {option2}, ...
                set violation-action [pass|monitor|...]
            next
        end
    next
end
```

config application list

| Parameter name | Description | Type | Size |
|---|---|---|---|
| comment | Comments. | var-string | Maximum length: 255 |
| replacemsg-group | Replacement message group. | string | Maximum length: 35 |
| extended-log | Enable/disable extended logging. | option | - |
| other-application-action | Action for other applications. | option | - |
| app-replacemsg | Enable/disable replacement messages for blocked applications. | option | - |
| other-application-log | Enable/disable logging for other applications. | option | - |
| enforce-default-app-port | Enable/disable default application port enforcement for allowed applications. | option | - |
| force-inclusion-ssl-di-sigs | Enable/disable forced inclusion of SSL deep inspection signatures. | option | - |
| unknown-application-action | Pass or block traffic from unknown applications. | option | - |
| unknown-application-log | Enable/disable logging for unknown applications. | option | - |
| p2p-black-list | P2P applications to be black listed. | option | - |
| deep-app-inspection | Enable/disable deep application inspection. | option | - |
| options | Basic application protocol signatures allowed by default. | option | - |
| control-default-network-services | Enable/disable enforcement of protocols over selected ports. | option | - |

config entries

| Parameter name | Description | Type | Size |
|---|---|---|---|
| risk | Risk, or impact, of allowing traffic from this application to occur (1 - 5; Low, Elevated, Medium, High, and Critical). | integer | Minimum value: 0 Maximum value: 4294967295 |
| category | Category ID list. Application category ID. | integer | Minimum value: 0 Maximum value: 4294967295 |
| sub-category | Application Sub-category ID list. Application sub-category ID. | integer | Minimum value: 0 Maximum value: 4294967295 |
| application | ID of allowed applications. Application IDs. | integer | Minimum value: 0 Maximum value: 4294967295 |
| protocols | Application protocol filter. | user | Not Specified |
| vendor | Application vendor filter. | user | Not Specified |
| technology | Application technology filter. | user | Not Specified |
| behavior | Application behavior filter. | user | Not Specified |
| popularity | Application popularity filter (1 - 5, from least to most popular). | option | - |
| exclusion | ID of excluded applications. Excluded application IDs. | integer | Minimum value: 0 Maximum value: 4294967295 |
| action | Pass or block traffic, or reset connection for traffic from this application. | option | - |
| log | Enable/disable logging for this application list. | option | - |
| log-packet | Enable/disable packet logging. | option | - |
| rate-count | Count of the rate. | integer | Minimum value: 0 Maximum value: 65535 |
| rate-duration | Duration (sec) of the rate. | integer | Minimum value: 1 Maximum value: 65535 |
| rate-mode | Rate limit mode. | option | - |
| rate-track | Track the packet protocol field. | option | - |
| session-ttl | Session TTL (0 = default). | integer | Minimum value: 0 Maximum value: 4294967295 |
| shaper | Traffic shaper. | string | Maximum length: 35 |
| shaper-reverse | Reverse traffic shaper. | string | Maximum length: 35 |
| per-ip-shaper | Per-IP traffic shaper. | string | Maximum length: 35 |
| quarantine | Quarantine method. | option | - |
| quarantine-expiry | Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker. | user | Not Specified |
| quarantine-log | Enable/disable quarantine logging. | option | - |

config parameters

| Parameter name | Description | Type | Size |
|---|---|---|---|
| value | Parameter value. | string | Maximum length: 63 |

config default-network-services

| Parameter name | Description | Type | Size |
|---|---|---|---|
| port | Port number. | integer | Minimum value: 0 Maximum value: 65535 |
| services | Network protocols. | option | - |
| violation-action | Action for protocols not white listed under selected port. | option | - |
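
The nested `config` / `edit` / `set` / `next` / `end` layout shown in the syntax above can be parsed mechanically, which makes exported application lists easy to audit. The following is an added example, not vendor code: it parses a constructed sample and flags settings that an assumed review policy treats as weak when they are set explicitly (the list name, entry id and the policy itself are illustrative assumptions).

```python
import shlex

# Constructed sample; the list name, entry id and risk values are illustrative.
SAMPLE = '''
config application list
    edit "branch-default"
        set unknown-application-action pass
        set unknown-application-log disable
        set enforce-default-app-port enable
        config entries
            edit 1
                set risk 4 5
                set action block
                set log disable
            next
        end
    next
end
'''

# Assumed audit policy (not vendor guidance): values flagged when set explicitly.
WEAK = {"unknown-application-action": "pass", "unknown-application-log": "disable",
        "other-application-log": "disable", "enforce-default-app-port": "disable"}

def parse(text):
    """Turn config/edit/set/next/end nesting into nested dicts."""
    stack = [{}]
    for line in text.splitlines():
        tok = shlex.split(line, comments=True) or [""]
        if tok[0] == "config":      # open a table, keyed by the full config line
            stack.append(stack[-1].setdefault(" ".join(tok), {}))
        elif tok[0] == "edit":      # open one object inside the table
            stack.append(stack[-1].setdefault(tok[1], {}))
        elif tok[0] == "set":       # store the value list under the option name
            stack[-1][tok[1]] = tok[2:]
        elif tok[0] in ("next", "end") and len(stack) > 1:
            stack.pop()
    return stack[0]

def audit(text):
    """Return (list name, finding) pairs for explicitly weak settings."""
    findings = []
    for name, prof in parse(text).get("config application list", {}).items():
        findings += [(name, f"{k} {v}") for k, v in WEAK.items() if prof.get(k) == [v]]
        for eid, entry in prof.get("config entries", {}).items():
            if entry.get("action") == ["block"] and entry.get("log") == ["disable"]:
                findings.append((name, f"entry {eid}: action block with log disable"))
    return findings
```

Options that are absent from the export are not flagged, because this page does not state their default values.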