config application list
Configure application control lists.
config application list Description: Configure application control lists. edit <name> set comment {var-string} set replacemsg-group {string} set other-application-action [pass|block] set app-replacemsg [disable|enable] set other-application-log [disable|enable] set unknown-application-action [pass|block] set unknown-application-log [disable|enable] set p2p-black-list [skype|edonkey|...] set options [allow-dns|allow-icmp|...] config entries Description: Application list entries. edit <id> config risk Description: Risk, or impact, of allowing traffic from this application to occur. edit <level> next end config category Description: Category ID list. edit <id> next end config sub-category Description: Application Sub-category ID list. edit <id> next end config application Description: ID of allowed applications. edit <id> next end set protocols {user} set vendor {user} set technology {user} set behavior {user} set popularity [1|2|...] config tags Description: Tag filter. edit <name> next end config parameters Description: Application parameters. edit <id> set value {string} next end set action [pass|block|...] set log [disable|enable] set log-packet [disable|enable] set rate-count {integer} set rate-duration {integer} set rate-mode [periodical|continuous] set rate-track [none|src-ip|...] set session-ttl {integer} set quarantine [none|attacker] set quarantine-expiry {user} set quarantine-log [disable|enable] next end next end
config application list
Parameter |
Description |
Type |
Size |
|||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
name |
List name. |
string |
Maximum length: 35 |
|||||||||||||
comment |
comments |
var-string |
Maximum length: 255 |
|||||||||||||
replacemsg-group |
Replacement message group. |
string |
Maximum length: 35 |
|||||||||||||
other-application-action |
Action for other applications. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
app-replacemsg |
Enable/disable replacement messages for blocked applications. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
other-application-log |
Enable/disable logging for other applications. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
unknown-application-action |
Pass or block traffic from unknown applications. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
unknown-application-log |
Enable/disable logging for unknown applications. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
p2p-black-list |
P2P applications to be black listed. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
options |
Basic application protocol signatures allowed by default. |
option |
- |
|||||||||||||
|
|
config entries
Parameter |
Description |
Type |
Size |
|||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
Entry ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
protocols |
Application protocol filter. |
user |
Not Specified |
|||||||||||||
vendor |
Application vendor filter. |
user |
Not Specified |
|||||||||||||
technology |
Application technology filter. |
user |
Not Specified |
|||||||||||||
behavior |
Application behavior filter. |
user |
Not Specified |
|||||||||||||
popularity |
Application popularity filter. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
action |
Pass or block traffic, or reset connection for traffic from this application. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
log |
Enable/disable logging for this application list. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
log-packet |
Enable/disable packet logging. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
rate-count |
Count of the rate. |
integer |
Minimum value: 0 Maximum value: 65535 |
|||||||||||||
rate-duration |
Duration (sec) of the rate. |
integer |
Minimum value: 1 Maximum value: 65535 |
|||||||||||||
rate-mode |
Rate limit mode. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
rate-track |
Track the packet protocol field. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
session-ttl |
Session TTL. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
quarantine |
Quarantine method. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
quarantine-expiry |
Duration of quarantine, from 1 minute to 364 days, 23 hours, and 59 minutes from now.. Requires quarantine set to attacker. |
user |
Not Specified |
|||||||||||||
quarantine-log |
Enable/disable quarantine logging. |
option |
- |
|||||||||||||
|
|
config risk
Parameter |
Description |
Type |
Size |
---|---|---|---|
level |
Risk, or impact, of allowing traffic from this application to occur. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
config category
Parameter |
Description |
Type |
Size |
---|---|---|---|
id |
Application category ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
config sub-category
Parameter |
Description |
Type |
Size |
---|---|---|---|
id |
Application sub-category ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
config application
Parameter |
Description |
Type |
Size |
---|---|---|---|
id |
Application IDs. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
config tags
Parameter |
Description |
Type |
Size |
---|---|---|---|
name |
Tag name. |
string |
Maximum length: 64 |
config parameters
Parameter |
Description |
Type |
Size |
---|---|---|---|
id |
Parameter ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
value |
Parameter value. |
string |
Maximum length: 63 |