config application list
Configure application control lists.
config application list
Description: Configure application control lists.
edit <name>
set comment {var-string}
set replacemsg-group {string}
set extended-log [enable|disable]
set other-application-action [pass|block]
set app-replacemsg [disable|enable]
set other-application-log [disable|enable]
set enforce-default-app-port [disable|enable]
set force-inclusion-ssl-di-sigs [disable|enable]
set unknown-application-action [pass|block]
set unknown-application-log [disable|enable]
set p2p-block-list {option1}, {option2}, ...
set deep-app-inspection [disable|enable]
set options {option1}, {option2}, ...
config entries
Description: Application list entries.
edit <id>
set risk <level1>, <level2>, ...
set category <id1>, <id2>, ...
set application <id1>, <id2>, ...
set protocols {user}
set vendor {user}
set technology {user}
set behavior {user}
set popularity {option1}, {option2}, ...
set exclusion <id1>, <id2>, ...
config parameters
Description: Application parameters.
edit <id>
config members
Description: Parameter tuple members.
edit <id>
set name {string}
set value {string}
next
end
next
end
set action [pass|block|...]
set log [disable|enable]
set log-packet [disable|enable]
set rate-count {integer}
set rate-duration {integer}
set rate-mode [periodical|continuous]
set rate-track [none|src-ip|...]
set session-ttl {integer}
set shaper {string}
set quarantine [none|attacker]
set quarantine-expiry {user}
set quarantine-log [disable|enable]
next
end
set control-default-network-services [disable|enable]
config default-network-services
Description: Default network service entries.
edit <id>
set port {integer}
set services {option1}, {option2}, ...
set violation-action [pass|monitor|...]
next
end
next
end
config application list
|
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
comment |
Comments. |
var-string |
Maximum length: 255 |
|
||||||||||||
|
replacemsg-group |
Replacement message group. |
string |
Maximum length: 35 |
|
||||||||||||
|
extended-log |
Enable/disable extended logging. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
other-application-action |
Action for other applications. |
option |
- |
pass |
||||||||||||
|
|
|
|||||||||||||||
|
app-replacemsg |
Enable/disable replacement messages for blocked applications. |
option |
- |
enable |
||||||||||||
|
|
|
|||||||||||||||
|
other-application-log |
Enable/disable logging for other applications. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
enforce-default-app-port |
Enable/disable default application port enforcement for allowed applications. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
force-inclusion-ssl-di-sigs |
Enable/disable forced inclusion of SSL deep inspection signatures. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
unknown-application-action |
Pass or block traffic from unknown applications. |
option |
- |
pass |
||||||||||||
|
|
|
|||||||||||||||
|
unknown-application-log |
Enable/disable logging for unknown applications. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
p2p-block-list |
P2P applications to be block listed. |
option |
- |
|
||||||||||||
|
|
|
|||||||||||||||
|
deep-app-inspection |
Enable/disable deep application inspection. |
option |
- |
enable |
||||||||||||
|
|
|
|||||||||||||||
|
options |
Basic application protocol signatures allowed by default. |
option |
- |
allow-dns |
||||||||||||
|
|
|
|||||||||||||||
|
control-default-network-services |
Enable/disable enforcement of protocols over selected ports. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
config entries
|
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
risk |
Risk, or impact, of allowing traffic from this application to occur (1 - 5; Low, Elevated, Medium, High, and Critical). Risk, or impact, of allowing traffic from this application to occur (1 - 5; Low, Elevated, Medium, High, and Critical). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
|
category |
Category ID list. Application category ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
|
application |
ID of allowed applications. Application IDs. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
|
protocols |
Application protocol filter. |
user |
Not Specified |
all |
||||||||||||
|
vendor |
Application vendor filter. |
user |
Not Specified |
all |
||||||||||||
|
technology |
Application technology filter. |
user |
Not Specified |
all |
||||||||||||
|
behavior |
Application behavior filter. |
user |
Not Specified |
all |
||||||||||||
|
popularity |
Application popularity filter . |
option |
- |
1 2 3 4 5 |
||||||||||||
|
|
|
|||||||||||||||
|
exclusion |
ID of excluded applications. Excluded application IDs. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
|
action |
Pass or block traffic, or reset connection for traffic from this application. |
option |
- |
block |
||||||||||||
|
|
|
|||||||||||||||
|
log |
Enable/disable logging for this application list. |
option |
- |
enable |
||||||||||||
|
|
|
|||||||||||||||
|
log-packet |
Enable/disable packet logging. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
rate-count |
Count of the rate. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||
|
rate-duration |
Duration (sec) of the rate. |
integer |
Minimum value: 1 Maximum value: 65535 |
60 |
||||||||||||
|
rate-mode |
Rate limit mode. |
option |
- |
continuous |
||||||||||||
|
|
|
|||||||||||||||
|
rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||||||
|
|
|
|||||||||||||||
|
session-ttl |
Session TTL . |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||||
|
shaper |
Traffic shaper. |
string |
Maximum length: 35 |
|
||||||||||||
|
quarantine |
Quarantine method. |
option |
- |
none |
||||||||||||
|
|
|
|||||||||||||||
|
quarantine-expiry |
Duration of quarantine. . Requires quarantine set to attacker. |
user |
Not Specified |
5m |
||||||||||||
|
quarantine-log |
Enable/disable quarantine logging. |
option |
- |
enable |
||||||||||||
|
|
|
|||||||||||||||
config members
|
Parameter |
Description |
Type |
Size |
Default |
|---|---|---|---|---|
|
name |
Parameter name. |
string |
Maximum length: 31 |
|
|
value |
Parameter value. |
string |
Maximum length: 199 |
|
config default-network-services
|
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
port |
Port number. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||||||||||||||
|
services |
Network protocols. |
option |
- |
|
||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||
|
violation-action |
Action for protocols not in the allowlist for selected port. |
option |
- |
block |
||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||