This mask defines the active firewall policy for a service. You can change the
availability of a service in the internal and perimeter networks
without changing the main IP-filtering rules of that service.
The config-file is 'etc/services.cfg'.
These settings donīt alter the services on the Firewall!
There are four policies for each service:
Blocked Filtered Outgoing Incoming |
- the service is blocked - the normal IP-filtering rules are used (as defined in Screening) - only incoming connections are possible (Filtered AND Outgoing) - only incoming connections are possible (Filtered AND Incoming) |
archie | dns_client | ||
dns_server | ftp_active | ||
ftp_passiv | gopher | ||
http | irc_client | ||
irc_server | lpr | ||
nntp | ntp_client | ||
ntp_server | ping | ||
pop3 | rexec | ||
rip_client | rip_server | ||
rlogin | rsh | ||
smtp | snmp_client | ||
snmp_server | squid | ||
ssh | ssl | ||
syslog_client | syslog_server | ||
talk_client | talk_server | ||
telnet | tftp | ||
traceroute | uucp | ||
wais | whois | ||
finger |
(c) 1998 J. Hellmerichs-Friedrich