This mask defines the active firewall policy for a service. You can change the
availability of a service in the internal and perimeter networks
without changing the main IP-filtering rules of that service.
The config-file is 'etc/services.cfg'.
These settings donīt alter the services on the Firewall!
There are four policies for each service:
| Blocked Filtered Outgoing Incoming |
- the service is blocked - the normal IP-filtering rules are used (as defined in Screening) - only incoming connections are possible (Filtered AND Outgoing) - only incoming connections are possible (Filtered AND Incoming) |
| archie | dns_client | ||
| dns_server | ftp_active | ||
| ftp_passiv | gopher | ||
| http | irc_client | ||
| irc_server | lpr | ||
| nntp | ntp_client | ||
| ntp_server | ping | ||
| pop3 | rexec | ||
| rip_client | rip_server | ||
| rlogin | rsh | ||
| smtp | snmp_client | ||
| snmp_server | squid | ||
| ssh | ssl | ||
| syslog_client | syslog_server | ||
| talk_client | talk_server | ||
| telnet | tftp | ||
| traceroute | uucp | ||
| wais | whois | ||
| finger |
(c) 1998 J. Hellmerichs-Friedrich