config application list
Configure application control lists.
config application list Description: Configure application control lists. edit <name> set comment {var-string} set replacemsg-group {string} set extended-log [enable|disable] set other-application-action [pass|block] set app-replacemsg [disable|enable] set other-application-log [disable|enable] set enforce-default-app-port [disable|enable] set force-inclusion-ssl-di-sigs [disable|enable] set unknown-application-action [pass|block] set unknown-application-log [disable|enable] set p2p-block-list {option1}, {option2}, ... set deep-app-inspection [disable|enable] set options {option1}, {option2}, ... config entries Description: Application list entries. edit <id> set risk <level1>, <level2>, ... set category <id1>, <id2>, ... set application <id1>, <id2>, ... set protocols {user} set vendor {user} set technology {user} set behavior {user} set popularity {option1}, {option2}, ... set exclusion <id1>, <id2>, ... config parameters Description: Application parameters. edit <id> config members Description: Parameter tuple members. edit <id> set name {string} set value {string} next end next end set action [pass|block|...] set log [disable|enable] set log-packet [disable|enable] set rate-count {integer} set rate-duration {integer} set rate-mode [periodical|continuous] set rate-track [none|src-ip|...] set session-ttl {integer} set shaper {string} set quarantine [none|attacker] set quarantine-expiry {user} set quarantine-log [disable|enable] next end set control-default-network-services [disable|enable] config default-network-services Description: Default network service entries. edit <id> set port {integer} set services {option1}, {option2}, ... set violation-action [pass|monitor|...] next end next end
config application list
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
name |
List name. |
string |
Maximum length: 35 |
|
||||||||||||
comment |
Comments. |
var-string |
Maximum length: 255 |
|
||||||||||||
replacemsg-group |
Replacement message group. |
string |
Maximum length: 35 |
|
||||||||||||
extended-log |
Enable/disable extended logging. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
other-application-action |
Action for other applications. |
option |
- |
pass |
||||||||||||
|
|
|||||||||||||||
app-replacemsg |
Enable/disable replacement messages for blocked applications. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
other-application-log |
Enable/disable logging for other applications. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
enforce-default-app-port |
Enable/disable default application port enforcement for allowed applications. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
force-inclusion-ssl-di-sigs |
Enable/disable forced inclusion of SSL deep inspection signatures. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
unknown-application-action |
Pass or block traffic from unknown applications. |
option |
- |
pass |
||||||||||||
|
|
|||||||||||||||
unknown-application-log |
Enable/disable logging for unknown applications. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
p2p-block-list |
P2P applications to be block listed. |
option |
- |
|
||||||||||||
|
|
|||||||||||||||
deep-app-inspection |
Enable/disable deep application inspection. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
options |
Basic application protocol signatures allowed by default. |
option |
- |
allow-dns |
||||||||||||
|
|
|||||||||||||||
control-default-network-services |
Enable/disable enforcement of protocols over selected ports. |
option |
- |
disable |
||||||||||||
|
|
config entries
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
Entry ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||||
risk |
Risk, or impact, of allowing traffic from this application to occur (1 - 5; Low, Elevated, Medium, High, and Critical). Risk, or impact, of allowing traffic from this application to occur (1 - 5; Low, Elevated, Medium, High, and Critical). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
category |
Category ID list. Application category ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
application |
ID of allowed applications. Application IDs. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
protocols |
Application protocol filter. |
user |
Not Specified |
all |
||||||||||||
vendor |
Application vendor filter. |
user |
Not Specified |
all |
||||||||||||
technology |
Application technology filter. |
user |
Not Specified |
all |
||||||||||||
behavior |
Application behavior filter. |
user |
Not Specified |
all |
||||||||||||
popularity |
Application popularity filter. |
option |
- |
1 2 3 4 5 |
||||||||||||
|
|
|||||||||||||||
exclusion |
ID of excluded applications. Excluded application IDs. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|
||||||||||||
action |
Pass or block traffic, or reset connection for traffic from this application. |
option |
- |
block |
||||||||||||
|
|
|||||||||||||||
log |
Enable/disable logging for this application list. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
log-packet |
Enable/disable packet logging. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
rate-count |
Count of the rate. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||
rate-duration |
Duration (sec) of the rate. |
integer |
Minimum value: 1 Maximum value: 65535 |
60 |
||||||||||||
rate-mode |
Rate limit mode. |
option |
- |
continuous |
||||||||||||
|
|
|||||||||||||||
rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||||||
|
|
|||||||||||||||
session-ttl |
Session TTL. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||||
shaper |
Traffic shaper. |
string |
Maximum length: 35 |
|
||||||||||||
quarantine |
Quarantine method. |
option |
- |
none |
||||||||||||
|
|
|||||||||||||||
quarantine-expiry |
Duration of quarantine.. Requires quarantine set to attacker. |
user |
Not Specified |
5m |
||||||||||||
quarantine-log |
Enable/disable quarantine logging. |
option |
- |
enable |
||||||||||||
|
|
config parameters
Parameter |
Description |
Type |
Size |
Default |
---|---|---|---|---|
id |
Parameter tuple ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
config members
Parameter |
Description |
Type |
Size |
Default |
---|---|---|---|---|
id |
Parameter. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
name |
Parameter name. |
string |
Maximum length: 31 |
|
value |
Parameter value. |
string |
Maximum length: 199 |
|
config default-network-services
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
Entry ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||||||||||||||||
port |
Port number. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||||||||||||||
services |
Network protocols. |
option |
- |
|
||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
violation-action |
Action for protocols not in the allowlist for selected port. |
option |
- |
block |
||||||||||||||||||||||||
|
|