config firewall service custom
Description: Configure custom services.
edit <name>
set proxy [enable|disable]
set category {string}
set protocol [TCP/UDP/SCTP|ICMP|...]
set helper [auto|disable|...]
set iprange {user}
set fqdn {string}
set protocol-number {integer}
set icmptype {integer}
set icmpcode {integer}
set tcp-portrange {user}
set udp-portrange {user}
set sctp-portrange {user}
set tcp-halfclose-timer {integer}
set tcp-halfopen-timer {integer}
set tcp-timewait-timer {integer}
set udp-idle-timer {integer}
set session-ttl {user}
set check-reset-range [disable|strict|...]
set comment {var-string}
set color {integer}
set visibility [enable|disable]
set app-service-type [disable|app-id|...]
set app-category <id1>, <id2>, ...
set application <id1>, <id2>, ...
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
proxy | Enable/disable web proxy service. enable: Enable setting. disable: Disable setting. |
option | - |
category | Service category. | string | Maximum length: 63 |
protocol | Protocol type based on IANA numbers. TCP/UDP/SCTP: TCP, UDP and SCTP. ICMP: ICMP. ICMP6: ICMP6. IP: IP. HTTP: HTTP - for web proxy. FTP: FTP - for web proxy. CONNECT: Connect - for web proxy. SOCKS-TCP: Socks TCP - for web proxy. SOCKS-UDP: Socks UDP - for web proxy. ALL: All - for web proxy. |
option | - |
helper | Helper name. auto: Automatically select helper based on protocol and port. disable: Disable helper. ftp: FTP. tftp: TFTP. ras: RAS. h323: H323. tns: TNS. mms: MMS. sip: SIP. pptp: PPTP. rtsp: RTSP. dns-udp: DNS UDP. dns-tcp: DNS TCP. pmap: PMAP. rsh: RSH. dcerpc: DCERPC. mgcp: MGCP. |
option | - |
iprange | Start and end of the IP range associated with service. | user | Not Specified |
fqdn | Fully qualified domain name. | string | Maximum length: 255 |
protocol-number | IP protocol number. | integer | Minimum value: 0 Maximum value: 254 |
icmptype | ICMP type. | integer | Minimum value: 0 Maximum value: 4294967295 |
icmpcode | ICMP code. | integer | Minimum value: 0 Maximum value: 255 |
tcp-portrange | Multiple TCP port ranges. | user | Not Specified |
udp-portrange | Multiple UDP port ranges. | user | Not Specified |
sctp-portrange | Multiple SCTP port ranges. | user | Not Specified |
tcp-halfclose-timer | Wait time to close a TCP session waiting for an unanswered FIN packet (1 - 86400 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 86400 |
tcp-halfopen-timer | Wait time to close a TCP session waiting for an unanswered open session packet (1 - 86400 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 86400 |
tcp-timewait-timer | Set the length of the TCP TIME-WAIT state in seconds (1 - 300 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 300 |
udp-idle-timer | UDP half close timeout (0 - 86400 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 86400 |
session-ttl | Session TTL (300 - 2764800, 0 = default). | user | Not Specified |
check-reset-range | Configure the type of ICMP error message verification. disable: Disable RST range check. strict: Check RST range strictly. default: Using system default setting. |
option | - |
comment | Comment. | var-string | Maximum length: 255 |
color | Color of icon on the GUI. | integer | Minimum value: 0 Maximum value: 32 |
visibility | Enable/disable the visibility of the service on the GUI. enable: Show in service selection. disable: Hide from service selection. |
option | - |
app-service-type | Application service type. disable: Disable application type. app-id: Application ID. app-category: Applicatin category. |
option | - |
app-category <id> |
Application category ID. Application category id. |
integer | Minimum value: 0 Maximum value: 4294967295 |
application <id> |
Application ID. Application id. |
integer | Minimum value: 0 Maximum value: 4294967295 |
config firewall service custom
Description: Configure custom services.
edit <name>
set proxy [enable|disable]
set category {string}
set protocol [TCP/UDP/SCTP|ICMP|...]
set helper [auto|disable|...]
set iprange {user}
set fqdn {string}
set protocol-number {integer}
set icmptype {integer}
set icmpcode {integer}
set tcp-portrange {user}
set udp-portrange {user}
set sctp-portrange {user}
set tcp-halfclose-timer {integer}
set tcp-halfopen-timer {integer}
set tcp-timewait-timer {integer}
set udp-idle-timer {integer}
set session-ttl {user}
set check-reset-range [disable|strict|...]
set comment {var-string}
set color {integer}
set visibility [enable|disable]
set app-service-type [disable|app-id|...]
set app-category <id1>, <id2>, ...
set application <id1>, <id2>, ...
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
proxy | Enable/disable web proxy service. enable: Enable setting. disable: Disable setting. |
option | - |
category | Service category. | string | Maximum length: 63 |
protocol | Protocol type based on IANA numbers. TCP/UDP/SCTP: TCP, UDP and SCTP. ICMP: ICMP. ICMP6: ICMP6. IP: IP. HTTP: HTTP - for web proxy. FTP: FTP - for web proxy. CONNECT: Connect - for web proxy. SOCKS-TCP: Socks TCP - for web proxy. SOCKS-UDP: Socks UDP - for web proxy. ALL: All - for web proxy. |
option | - |
helper | Helper name. auto: Automatically select helper based on protocol and port. disable: Disable helper. ftp: FTP. tftp: TFTP. ras: RAS. h323: H323. tns: TNS. mms: MMS. sip: SIP. pptp: PPTP. rtsp: RTSP. dns-udp: DNS UDP. dns-tcp: DNS TCP. pmap: PMAP. rsh: RSH. dcerpc: DCERPC. mgcp: MGCP. |
option | - |
iprange | Start and end of the IP range associated with service. | user | Not Specified |
fqdn | Fully qualified domain name. | string | Maximum length: 255 |
protocol-number | IP protocol number. | integer | Minimum value: 0 Maximum value: 254 |
icmptype | ICMP type. | integer | Minimum value: 0 Maximum value: 4294967295 |
icmpcode | ICMP code. | integer | Minimum value: 0 Maximum value: 255 |
tcp-portrange | Multiple TCP port ranges. | user | Not Specified |
udp-portrange | Multiple UDP port ranges. | user | Not Specified |
sctp-portrange | Multiple SCTP port ranges. | user | Not Specified |
tcp-halfclose-timer | Wait time to close a TCP session waiting for an unanswered FIN packet (1 - 86400 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 86400 |
tcp-halfopen-timer | Wait time to close a TCP session waiting for an unanswered open session packet (1 - 86400 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 86400 |
tcp-timewait-timer | Set the length of the TCP TIME-WAIT state in seconds (1 - 300 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 300 |
udp-idle-timer | UDP half close timeout (0 - 86400 sec, 0 = default). | integer | Minimum value: 0 Maximum value: 86400 |
session-ttl | Session TTL (300 - 2764800, 0 = default). | user | Not Specified |
check-reset-range | Configure the type of ICMP error message verification. disable: Disable RST range check. strict: Check RST range strictly. default: Using system default setting. |
option | - |
comment | Comment. | var-string | Maximum length: 255 |
color | Color of icon on the GUI. | integer | Minimum value: 0 Maximum value: 32 |
visibility | Enable/disable the visibility of the service on the GUI. enable: Show in service selection. disable: Hide from service selection. |
option | - |
app-service-type | Application service type. disable: Disable application type. app-id: Application ID. app-category: Applicatin category. |
option | - |
app-category <id> |
Application category ID. Application category id. |
integer | Minimum value: 0 Maximum value: 4294967295 |
application <id> |
Application ID. Application id. |
integer | Minimum value: 0 Maximum value: 4294967295 |