Moved the service definitions out of firehol and fireqos.

This commit moves the service definitions from firehol and fireqos into
the following files:

   - sbin/services.common
   - sbin/services.firehol
   - sbin/services.fireqos

The sbin/services.common file is now sourced by firehol and fireqos,
in addition to their respective sbin/services.fire(hol|qos) files.

The goal of this commit was to simplify maintenance of service definitions.
Pieter du Preez 2018-02-14 20:47:47 +01:00
parent 618c5f6d05
commit ba494063c1
12 changed files with 397 additions and 503 deletions

@ -42,7 +42,9 @@ all-local: service-links
MKSERVICELINKS = ${top_srcdir}/doc/tools/mkservicelinks
service-links: $(top_srcdir)/sbin/firehol services-db.data
service-links: services-db.data $(top_srcdir)/sbin/firehol \
$(top_srcdir)/sbin/services.common \
$(top_srcdir)/sbin/services.firehol
$(MKSERVICELINKS) service-links $+
endif

@ -175,7 +175,10 @@ FORMATTABLE = ${top_srcdir}/doc/tools/format-table
PANDOCPOST = $(gensrcdir)/doc/tools/pandoc-post
CHECKLINKS = ${top_srcdir}/doc/tools/check-links
firehol-services.5.md: $(top_srcdir)/sbin/firehol ../services-db.data ../service-links
firehol-services.5.md: ../services-db.data ../service-links \
$(top_srcdir)/sbin/firehol \
$(top_srcdir)/sbin/services.common \
$(top_srcdir)/sbin/services.firehol
$(MKSERVICEMAN) firehol-services.5.md $+
contents.md: *.1.md *.5.md contents.tpl

@ -9,13 +9,18 @@ use File::Basename qw( dirname );
use lib dirname($0);
use servicedb;
if (@ARGV != 3) {
print STDERR "Usage: mkservicelist output.md firehol-script services-db.data\n";
if (@ARGV < 3) {
print STDERR "Usage: mkservicelist output.md services-db.data firehol-script [..firehol-script]\n";
exit 1;
}
my ($services, $all_run) = servicedb::read_script($ARGV[1]);
my ($dbinfo, $dbalias) = servicedb::read_db($ARGV[2]);
my ($dbinfo, $dbalias) = servicedb::read_db($ARGV[1]);
my ($services, $all_run) = ({}, {});
for (my $i=2; $i<=$#ARGV; $i++) {
my ($found_services, $found_all_run) = servicedb::read_script($ARGV[$i]);
$services = {%$services, %$found_services};
$all_run = {%$all_run, %$found_all_run};
}
my @service_keywords = servicedb::validate($services, $dbinfo, $dbalias);
open my $o, ">$ARGV[0]" or die;
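Review bot: The merge in the new loop, `$services = {%$services, %$found_services};`, lets a later script silently replace an entry that an earlier one already supplied. If read_script keys its result by service name (not visible here), a service defined in more than one of sbin/firehol, services.common and services.firehol is documented from whichever file was read last, and nothing reports the clash. Last-wins matches the order in which firehol sources the files, but because these definitions decide which ports the firewall opens I would report duplicates before merging, e.g. `warn "$ARGV[$i] redefines $_\n" for grep { exists $services->{$_} } keys %$found_services;`. The same loop appears in the mkserviceman hunk that follows. The script continues past the end of this hunk.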

@ -9,13 +9,19 @@ use File::Basename qw( dirname );
use lib dirname($0);
use servicedb;
if (@ARGV != 4) {
print STDERR "Usage: mkserviceman output firehol-script services-db.data service-links\n";
if (@ARGV < 4) {
print STDERR "Usage: mkserviceman output services-db.data service-links script [..script]\n";
exit 1;
}
my ($services, $all_run) = servicedb::read_script($ARGV[1]);
my ($dbinfo, $dbalias) = servicedb::read_db($ARGV[2]);
my ($dbinfo, $dbalias) = servicedb::read_db($ARGV[1]);
# NOTE: It seems as if service-links ($ARGV[2]) is never used.
my ($services, $all_run) = ({}, {});
for (my $i=3; $i<=$#ARGV; $i++) {
my ($found_services, $found_all_run) = servicedb::read_script($ARGV[$i]);
$services = {%$services, %$found_services};
$all_run = {%$all_run, %$found_all_run};
}
my @service_keywords = servicedb::validate($services, $dbinfo, $dbalias);
sub coalesce {

@ -23,7 +23,7 @@ firehol_check_file() {
check_commands $filename || status=1
;;
doc/services-db.data)
doc/tools/mkservicelinks /dev/null sbin/firehol doc/services-db.data || status=1
doc/tools/mkservicelinks /dev/null doc/services-db.data sbin/firehol sbin/services.common sbin/services.firehol || status=1
;;
*)
#echo "No checks found for $filename"
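Review bot: The check now reads sbin/services.common and sbin/services.firehol, but in the visible part of the case statement it still runs only for `doc/services-db.data`. Unless a branch outside this hunk matches the new files, an edit to a service definition skips the mkservicelinks validation. I would extend the pattern to `doc/services-db.data|sbin/services.common|sbin/services.firehol)`. firehol_check_file starts before and ends after the hunk, so an existing sbin/firehol branch, if there is one, may need the same argument list.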

@ -32,6 +32,9 @@ CLEANFILES = install.config
inclib_DATA = \
functions.common \
services.common \
services.fireqos \
services.firehol \
install.config \
$(NULL)
@ -39,6 +42,9 @@ inclib_SCRIPTS = $(scripts)
EXTRA_DIST = \
functions.common \
services.common \
services.fireqos \
services.firehol \
install.config.in \
$(scripts) \
$(NULL)

@ -40,7 +40,10 @@ PROGRAM_DIR="${FIREHOL_OVERRIDE_PROGRAM_DIR:-$(realdir "$0")}"
PROGRAM_PWD="${PWD}"
declare -a PROGRAM_ORIGINAL_ARGS=("${@}")
for functions_file in install.config functions.common
# Services API version
FIREHOL_SERVICES_API="1"
for functions_file in install.config functions.common services.common services.firehol
do
if [ -r "$PROGRAM_DIR/$functions_file" ]
then
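Review bot: The loop that now sources services.common and services.firehol shows only its `-r` readable branch here; what happens when a file is missing lies outside the hunk. Every service definition now lives in those files, so please confirm the else branch exits non-zero rather than continuing with undefined `server_*_ports` variables. Consider also having the services files declare a version that is compared with `FIREHOL_SERVICES_API`, so a mismatched script and definitions pair is rejected. Since `PROGRAM_DIR` can be taken from `FIREHOL_OVERRIDE_PROGRAM_DIR` and the files are executed as shell, they should be installed with the same ownership and permissions as the script itself. The fireqos hunk further down makes the same change to its loop.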
@ -1860,375 +1863,6 @@ get_next_dynamic_counter() {
fi
}
# Services API version
FIREHOL_SERVICES_API="1"
# ------------------------------------------------------------------------------
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
# ------------------------------------------------------------------------------
#
# SIMPLE SERVICES DEFINITIONS
#
# ------------------------------------------------------------------------------
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
# ------------------------------------------------------------------------------
# The following are definitions for simple services.
# We define as "simple" the services that are implemented using a single socket,
# initiated by the client and used by the server.
#
# The following list is sorted by service name.
server_all_ports="any/any"
client_all_ports="any"
helper_all="ftp irc sip pptp proto_gre"
# any is the same with all, without helpers
server_any_ports="${server_all_ports}"
client_any_ports="${client_all_ports}"
helper_any=
server_AH_ports="51/any"
client_AH_ports="any"
server_amanda_ports="udp/10080"
client_amanda_ports="default"
helper_amanda="amanda"
server_aptproxy_ports="tcp/9999"
client_aptproxy_ports="default"
server_apcupsd_ports="tcp/6544"
client_apcupsd_ports="default"
server_apcupsdnis_ports="tcp/3551"
client_apcupsdnis_ports="default"
server_asterisk_ports="tcp/5038"
client_asterisk_ports="default"
server_cups_ports="tcp/631 udp/631"
client_cups_ports="any"
server_cvspserver_ports="tcp/2401"
client_cvspserver_ports="default"
server_darkstat_ports="tcp/666"
client_darkstat_ports="default"
server_daytime_ports="tcp/13"
client_daytime_ports="default"
server_dcc_ports="udp/6277"
client_dcc_ports="default"
server_dcpp_ports="tcp/1412 udp/1412"
client_dcpp_ports="default"
server_dns_ports="udp/53 tcp/53"
client_dns_ports="any"
server_dhcprelay_ports="udp/67"
client_dhcprelay_ports="67"
server_dict_ports="tcp/2628"
client_dict_ports="default"
server_distcc_ports="tcp/3632"
client_distcc_ports="default"
server_eserver_ports="tcp/4661 udp/4661 udp/4665"
client_eserver_ports="any"
server_ESP_ports="50/any"
client_ESP_ports="any"
server_echo_ports="tcp/7"
client_echo_ports="default"
server_finger_ports="tcp/79"
client_finger_ports="default"
server_ftp_ports="tcp/21"
client_ftp_ports="default"
helper_ftp="ftp"
server_gift_ports="tcp/4302 tcp/1214 tcp/2182 tcp/2472"
client_gift_ports="any"
server_giftui_ports="tcp/1213"
client_giftui_ports="default"
server_gkrellmd_ports="tcp/19150"
client_gkrellmd_ports="default"
server_GRE_ports="47/any"
client_GRE_ports="any"
helper_GRE="proto_gre"
server_h323_ports="udp/1720 tcp/1720"
client_h323_ports="default"
helper_h323="h323"
server_heartbeat_ports="udp/690:699"
client_heartbeat_ports="default"
server_http_ports="tcp/80"
client_http_ports="default"
server_https_ports="tcp/443"
client_https_ports="default"
server_httpalt_ports="tcp/8080"
client_httpalt_ports="default"
server_iax_ports="udp/5036"
client_iax_ports="default"
server_iax2_ports="udp/5469 udp/4569"
client_iax2_ports="default"
server_ICMP_ports="icmp/any"
client_ICMP_ports="any"
server_icmp_ports="${server_ICMP_ports}"
client_icmp_ports="${client_ICMP_ports}"
server_ICMPV6_ports="icmpv6/any"
client_ICMPV6_ports="any"
server_icmpv6_ports="${server_ICMPV6_ports}"
client_icmpv6_ports="${client_ICMPV6_ports}"
server_icp_ports="udp/3130"
client_icp_ports="3130"
server_ident_ports="tcp/113"
client_ident_ports="default"
server_imap_ports="tcp/143"
client_imap_ports="default"
server_imaps_ports="tcp/993"
client_imaps_ports="default"
server_irc_ports="tcp/6667"
client_irc_ports="default"
helper_irc="irc"
server_isakmp_ports="udp/500"
client_isakmp_ports="any"
server_ipsecnatt_ports="udp/4500"
client_ipsecnatt_ports="any"
server_jabber_ports="tcp/5222 tcp/5223"
client_jabber_ports="default"
server_jabberd_ports="tcp/5222 tcp/5223 tcp/5269"
client_jabberd_ports="default"
server_l2tp_ports="udp/1701"
client_l2tp_ports="any"
server_ldap_ports="tcp/389"
client_ldap_ports="default"
server_ldaps_ports="tcp/636"
client_ldaps_ports="default"
server_lpd_ports="tcp/515"
client_lpd_ports="any"
server_microsoft_ds_ports="tcp/445"
client_microsoft_ds_ports="default"
server_mms_ports="tcp/1755 udp/1755"
client_mms_ports="default"
helper_mms="mms"
server_ms_ds_ports="${server_microsoft_ds_ports}"
client_ms_ds_ports="${client_microsoft_ds_ports}"
server_msnp_ports="tcp/6891"
client_msnp_ports="default"
server_msn_ports="tcp/1863 udp/1863"
client_msn_ports="default"
server_mysql_ports="tcp/3306"
client_mysql_ports="default"
server_netbackup_ports="tcp/13701 tcp/13711 tcp/13720 tcp/13721 tcp/13724 tcp/13782 tcp/13783"
client_netbackup_ports="any"
server_netbios_ns_ports="udp/137"
client_netbios_ns_ports="any"
server_netbios_dgm_ports="udp/138"
client_netbios_dgm_ports="any"
server_netbios_ssn_ports="tcp/139"
client_netbios_ssn_ports="default"
server_nntp_ports="tcp/119"
client_nntp_ports="default"
server_nntps_ports="tcp/563"
client_nntps_ports="default"
server_ntp_ports="udp/123 tcp/123"
client_ntp_ports="any"
server_nut_ports="tcp/3493 udp/3493"
client_nut_ports="default"
server_nxserver_ports="tcp/5000:5200"
client_nxserver_ports="default"
server_openvpn_ports="tcp/1194 udp/1194"
client_openvpn_ports="default"
server_oracle_ports="tcp/1521"
client_oracle_ports="default"
server_OSPF_ports="89/any"
client_OSPF_ports="any"
server_pop3_ports="tcp/110"
client_pop3_ports="default"
server_pop3s_ports="tcp/995"
client_pop3s_ports="default"
server_portmap_ports="udp/111 tcp/111"
client_portmap_ports="any" # Portmap clients appear to use ports below 1024
server_postgres_ports="tcp/5432"
client_postgres_ports="default"
server_pptp_ports="tcp/1723"
client_pptp_ports="default"
helper_pptp="pptp proto_gre"
server_privoxy_ports="tcp/8118"
client_privoxy_ports="default"
server_radius_ports="udp/1812 udp/1813"
client_radius_ports="default"
server_radiusproxy_ports="udp/1814"
client_radiusproxy_ports="default"
server_radiusold_ports="udp/1645 udp/1646"
client_radiusold_ports="default"
server_radiusoldproxy_ports="udp/1647"
client_radiusoldproxy_ports="default"
server_rdp_ports="tcp/3389"
client_rdp_ports="default"
server_rndc_ports="tcp/953"
client_rndc_ports="default"
server_rsync_ports="tcp/873 udp/873"
client_rsync_ports="default"
server_rtp_ports="udp/10000:20000"
client_rtp_ports="any"
server_sane_ports="tcp/6566"
client_sane_ports="default"
helper_sane="sane"
server_sip_ports="tcp/5060 udp/5060"
client_sip_ports="5060 default"
helper_sip="sip"
server_socks_ports="tcp/1080 udp/1080"
client_socks_ports="default"
server_squid_ports="tcp/3128"
client_squid_ports="default"
server_smtp_ports="tcp/25"
client_smtp_ports="default"
server_smtps_ports="tcp/465"
client_smtps_ports="default"
server_snmp_ports="udp/161"
client_snmp_ports="default"
server_snmptrap_ports="udp/162"
client_snmptrap_ports="any"
server_nrpe_ports="tcp/5666"
client_nrpe_ports="default"
server_ssh_ports="tcp/22"
client_ssh_ports="default"
server_stun_ports="udp/3478 udp/3479"
client_stun_ports="any"
server_submission_ports="tcp/587"
client_submission_ports="default"
server_sunrpc_ports="${server_portmap_ports}"
client_sunrpc_ports="${client_portmap_ports}"
server_swat_ports="tcp/901"
client_swat_ports="default"
server_syslog_ports="udp/514"
client_syslog_ports="514 default"
server_telnet_ports="tcp/23"
client_telnet_ports="default"
server_tftp_ports="udp/69"
client_tftp_ports="default"
helper_tftp="tftp"
server_tomcat_ports="${server_httpalt_ports}"
client_tomcat_ports="${client_httpalt_ports}"
server_time_ports="tcp/37 udp/37"
client_time_ports="default"
server_upnp_ports="udp/1900 tcp/2869"
client_upnp_ports="default"
server_uucp_ports="tcp/540"
client_uucp_ports="default"
server_whois_ports="tcp/43"
client_whois_ports="default"
server_vmware_ports="tcp/902"
client_vmware_ports="default"
server_vmwareauth_ports="tcp/903"
client_vmwareauth_ports="default"
server_vmwareweb_ports="tcp/8222 tcp/8333"
client_vmwareweb_ports="default"
server_vnc_ports="tcp/5900:5903"
client_vnc_ports="default"
server_webcache_ports="${server_httpalt_ports}"
client_webcache_ports="${client_httpalt_ports}"
server_webmin_ports="tcp/10000"
client_webmin_ports="default"
server_xdmcp_ports="udp/177"
client_xdmcp_ports="default"
# ------------------------------------------------------------------------------
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
# ------------------------------------------------------------------------------

@ -40,7 +40,7 @@ PROGRAM_DIR="${FIREHOL_OVERRIDE_PROGRAM_DIR:-$(realdir "$0")}"
PROGRAM_PWD="${PWD}"
declare -a PROGRAM_ORIGINAL_ARGS=("${@}")
for functions_file in install.config functions.common
for functions_file in install.config functions.common services.common services.fireqos
do
if [ -r "$PROGRAM_DIR/$functions_file" ]
then
@ -120,127 +120,6 @@ else
common_setup_terminal && RUNNING_ON_TERMINAL=1
fi
# service definitions
# taken from firehol, with:
#
# $CAT_CMD firehol.sh | $EGREP_CMD "^server_.*_ports="
#
server_AH_ports="51/any"
server_amanda_ports="udp/10080"
server_aptproxy_ports="tcp/9999"
server_apcupsd_ports="tcp/6544"
server_apcupsdnis_ports="tcp/3551"
server_asterisk_ports="tcp/5038"
server_cups_ports="tcp/631 udp/631"
server_cvspserver_ports="tcp/2401"
server_darkstat_ports="tcp/666"
server_daytime_ports="tcp/13"
server_dcc_ports="udp/6277"
server_dcpp_ports="tcp/1412 udp/1412"
server_dns_ports="udp/53 tcp/53"
server_dhcprelay_ports="udp/67"
server_dict_ports="tcp/2628"
server_distcc_ports="tcp/3632"
server_eserver_ports="tcp/4661 udp/4661 udp/4665"
server_ESP_ports="50/any"
server_echo_ports="tcp/7"
server_finger_ports="tcp/79"
server_ftp_ports="tcp/21"
server_gift_ports="tcp/4302 tcp/1214 tcp/2182 tcp/2472"
server_giftui_ports="tcp/1213"
server_gkrellmd_ports="tcp/19150"
server_GRE_ports="47/any"
server_h323_ports="tcp/1720"
server_heartbeat_ports="udp/690:699"
server_http_ports="tcp/80"
server_https_ports="tcp/443"
server_iax_ports="udp/5036"
server_iax2_ports="udp/5469 udp/4569"
server_ICMP_ports="icmp/any"
server_icmp_ports="icmp/any"
server_icp_ports="udp/3130"
server_ident_ports="tcp/113"
server_imap_ports="tcp/143"
server_imaps_ports="tcp/993"
server_irc_ports="tcp/6667"
server_isakmp_ports="udp/500"
server_ipsecnatt_ports="udp/4500"
server_jabber_ports="tcp/5222 tcp/5223"
server_jabberd_ports="tcp/5222 tcp/5223 tcp/5269"
server_l2tp_ports="udp/1701"
server_ldap_ports="tcp/389"
server_ldaps_ports="tcp/636"
server_lpd_ports="tcp/515"
server_microsoft_ds_ports="tcp/445"
server_ms_ds_ports="tcp/445"
server_mms_ports="tcp/1755 udp/1755"
server_msn_ports="tcp/6891"
server_mysql_ports="tcp/3306"
server_netbackup_ports="tcp/13701 tcp/13711 tcp/13720 tcp/13721 tcp/13724 tcp/13782 tcp/13783"
server_netbios_ns_ports="udp/137"
server_netbios_dgm_ports="udp/138"
server_netbios_ssn_ports="tcp/139"
server_nntp_ports="tcp/119"
server_nntps_ports="tcp/563"
server_ntp_ports="udp/123 tcp/123"
server_nut_ports="tcp/3493 udp/3493"
server_nxserver_ports="tcp/5000:5200"
server_oracle_ports="tcp/1521"
server_OSPF_ports="89/any"
server_pop3_ports="tcp/110"
server_pop3s_ports="tcp/995"
server_portmap_ports="udp/111 tcp/111"
server_postgres_ports="tcp/5432"
server_pptp_ports="tcp/1723"
server_privoxy_ports="tcp/8118"
server_radius_ports="udp/1812 udp/1813"
server_radiusproxy_ports="udp/1814"
server_radiusold_ports="udp/1645 udp/1646"
server_radiusoldproxy_ports="udp/1647"
server_rdp_ports="tcp/3389"
server_rndc_ports="tcp/953"
server_rsync_ports="tcp/873 udp/873"
server_rtp_ports="udp/10000:20000"
server_sane_ports="tcp/6566"
server_sip_ports="udp/5060"
server_socks_ports="tcp/1080 udp/1080"
server_squid_ports="tcp/3128"
server_smtp_ports="tcp/25"
server_smtps_ports="tcp/465"
server_snmp_ports="udp/161"
server_snmptrap_ports="udp/162"
server_ssh_ports="tcp/22"
server_stun_ports="udp/3478 udp/3479"
server_submission_ports="tcp/587"
server_sunrpc_ports="${server_portmap_ports}"
server_swat_ports="tcp/901"
server_syslog_ports="udp/514"
server_telnet_ports="tcp/23"
server_tftp_ports="udp/69"
server_time_ports="tcp/37 udp/37"
server_upnp_ports="udp/1900 tcp/2869"
server_uucp_ports="tcp/540"
server_whois_ports="tcp/43"
server_vmware_ports="tcp/902"
server_vmwareauth_ports="tcp/903"
server_vmwareweb_ports="tcp/8222 tcp/8333"
server_vnc_ports="tcp/5900:5903"
server_webcache_ports="tcp/8080"
server_webmin_ports="tcp/10000"
server_xdmcp_ports="udp/177"
# FireQOS only services
server_torrents_ports="tcp/6881:6999 udp/6881:6999"
server_facetime_ports="udp/3478:3497 udp/16384:16387 udp/16393:16402"
server_hangouts_ports="udp/19302:19309 tcp/19305:19309"
server_gtalk_ports="tcp/5222 tcp/5228"
server_teamviewer_ports="tcp/5938"
server_ping_ports="icmp/any"
server_tcp_ports="tcp/any"
server_udp_ports="udp/any"
server_surfing_ports="tcp/0:1023"
# -----------------------------------------------------------------------------
# Default FireHOL marks

307
sbin/services.common Normal file

@ -0,0 +1,307 @@
client_AH_ports="any"
server_AH_ports="51/any"
client_amanda_ports="default"
server_amanda_ports="udp/10080"
helper_amanda="amanda"
client_apcupsd_ports="default"
server_apcupsd_ports="tcp/6544"
client_apcupsdnis_ports="default"
server_apcupsdnis_ports="tcp/3551"
client_aptproxy_ports="default"
server_aptproxy_ports="tcp/9999"
client_asterisk_ports="default"
server_asterisk_ports="tcp/5038"
client_cups_ports="any"
server_cups_ports="tcp/631 udp/631"
client_cvspserver_ports="default"
server_cvspserver_ports="tcp/2401"
client_darkstat_ports="default"
server_darkstat_ports="tcp/666"
client_daytime_ports="default"
server_daytime_ports="tcp/13"
client_dcc_ports="default"
server_dcc_ports="udp/6277"
client_dcpp_ports="default"
server_dcpp_ports="tcp/1412 udp/1412"
client_dhcprelay_ports="67"
server_dhcprelay_ports="udp/67"
client_dict_ports="default"
server_dict_ports="tcp/2628"
client_distcc_ports="default"
server_distcc_ports="tcp/3632"
client_dns_ports="any"
server_dns_ports="udp/53 tcp/53"
client_echo_ports="default"
server_echo_ports="tcp/7"
client_eserver_ports="any"
server_eserver_ports="tcp/4661 udp/4661 udp/4665"
client_ESP_ports="any"
server_ESP_ports="50/any"
client_finger_ports="default"
server_finger_ports="tcp/79"
client_ftp_ports="default"
server_ftp_ports="tcp/21"
helper_ftp="ftp"
client_gift_ports="any"
server_gift_ports="tcp/4302 tcp/1214 tcp/2182 tcp/2472"
client_giftui_ports="default"
server_giftui_ports="tcp/1213"
client_gkrellmd_ports="default"
server_gkrellmd_ports="tcp/19150"
client_GRE_ports="any"
server_GRE_ports="47/any"
helper_GRE="proto_gre"
client_heartbeat_ports="default"
server_heartbeat_ports="udp/690:699"
client_http_ports="default"
server_http_ports="tcp/80"
client_https_ports="default"
server_https_ports="tcp/443"
client_iax_ports="default"
server_iax_ports="udp/5036"
client_iax2_ports="default"
server_iax2_ports="udp/5469 udp/4569"
client_ICMP_ports="any"
server_ICMP_ports="icmp/any"
client_icmp_ports="any"
server_icmp_ports="icmp/any"
client_icp_ports="3130"
server_icp_ports="udp/3130"
client_ident_ports="default"
server_ident_ports="tcp/113"
client_imap_ports="default"
server_imap_ports="tcp/143"
client_imaps_ports="default"
server_imaps_ports="tcp/993"
client_ipsecnatt_ports="any"
server_ipsecnatt_ports="udp/4500"
client_irc_ports="default"
server_irc_ports="tcp/6667"
helper_irc="irc"
client_isakmp_ports="any"
server_isakmp_ports="udp/500"
client_jabber_ports="default"
server_jabber_ports="tcp/5222 tcp/5223"
client_jabberd_ports="default"
server_jabberd_ports="tcp/5222 tcp/5223 tcp/5269"
client_l2tp_ports="any"
server_l2tp_ports="udp/1701"
client_ldap_ports="default"
server_ldap_ports="tcp/389"
client_ldaps_ports="default"
server_ldaps_ports="tcp/636"
client_lpd_ports="any"
server_lpd_ports="tcp/515"
client_microsoft_ds_ports="default"
server_microsoft_ds_ports="tcp/445"
client_mms_ports="default"
server_mms_ports="tcp/1755 udp/1755"
helper_mms="mms"
client_ms_ds_ports="default"
server_ms_ds_ports="tcp/445"
client_mysql_ports="default"
server_mysql_ports="tcp/3306"
client_netbackup_ports="any"
server_netbackup_ports="tcp/13701 tcp/13711 tcp/13720 tcp/13721 tcp/13724 tcp/13782 tcp/13783"
client_netbios_dgm_ports="any"
server_netbios_dgm_ports="udp/138"
client_netbios_ns_ports="any"
server_netbios_ns_ports="udp/137"
client_netbios_ssn_ports="default"
server_netbios_ssn_ports="tcp/139"
client_nntp_ports="default"
server_nntp_ports="tcp/119"
client_nntps_ports="default"
server_nntps_ports="tcp/563"
client_ntp_ports="any"
server_ntp_ports="udp/123 tcp/123"
client_nut_ports="default"
server_nut_ports="tcp/3493 udp/3493"
client_nxserver_ports="default"
server_nxserver_ports="tcp/5000:5200"
client_oracle_ports="default"
server_oracle_ports="tcp/1521"
client_OSPF_ports="any"
server_OSPF_ports="89/any"
client_pop3_ports="default"
server_pop3_ports="tcp/110"
client_pop3s_ports="default"
server_pop3s_ports="tcp/995"
client_portmap_ports="any"
server_portmap_ports="udp/111 tcp/111"
client_postgres_ports="default"
server_postgres_ports="tcp/5432"
client_pptp_ports="default"
server_pptp_ports="tcp/1723"
helper_pptp="pptp proto_gre"
client_privoxy_ports="default"
server_privoxy_ports="tcp/8118"
client_radius_ports="default"
server_radius_ports="udp/1812 udp/1813"
client_radiusold_ports="default"
server_radiusold_ports="udp/1645 udp/1646"
client_radiusoldproxy_ports="default"
server_radiusoldproxy_ports="udp/1647"
client_radiusproxy_ports="default"
server_radiusproxy_ports="udp/1814"
client_rdp_ports="default"
server_rdp_ports="tcp/3389"
client_rndc_ports="default"
server_rndc_ports="tcp/953"
client_rsync_ports="default"
server_rsync_ports="tcp/873 udp/873"
client_rtp_ports="any"
server_rtp_ports="udp/10000:20000"
client_sane_ports="default"
server_sane_ports="tcp/6566"
helper_sane="sane"
client_smtp_ports="default"
server_smtp_ports="tcp/25"
client_smtps_ports="default"
server_smtps_ports="tcp/465"
client_snmp_ports="default"
server_snmp_ports="udp/161"
client_snmptrap_ports="any"
server_snmptrap_ports="udp/162"
client_socks_ports="default"
server_socks_ports="tcp/1080 udp/1080"
client_squid_ports="default"
server_squid_ports="tcp/3128"
client_ssh_ports="default"
server_ssh_ports="tcp/22"
client_stun_ports="any"
server_stun_ports="udp/3478 udp/3479"
client_submission_ports="default"
server_submission_ports="tcp/587"
client_sunrpc_ports="any"
server_sunrpc_ports="udp/111 tcp/111"
client_swat_ports="default"
server_swat_ports="tcp/901"
client_syslog_ports="514 default"
server_syslog_ports="udp/514"
client_telnet_ports="default"
server_telnet_ports="tcp/23"
client_tftp_ports="default"
server_tftp_ports="udp/69"
helper_tftp="tftp"
client_time_ports="default"
server_time_ports="tcp/37 udp/37"
client_upnp_ports="default"
server_upnp_ports="udp/1900 tcp/2869"
client_uucp_ports="default"
server_uucp_ports="tcp/540"
client_vmware_ports="default"
server_vmware_ports="tcp/902"
client_vmwareauth_ports="default"
server_vmwareauth_ports="tcp/903"
client_vmwareweb_ports="default"
server_vmwareweb_ports="tcp/8222 tcp/8333"
client_vnc_ports="default"
server_vnc_ports="tcp/5900:5903"
client_webcache_ports="default"
server_webcache_ports="tcp/8080"
client_webmin_ports="default"
server_webmin_ports="tcp/10000"
client_whois_ports="default"
server_whois_ports="tcp/43"
client_xdmcp_ports="default"
server_xdmcp_ports="udp/177"
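Review bot: The new file has no header comment, and the explanations that accompanied these definitions in sbin/firehol (what a "simple" service is, and the remark that portmap clients appear to use ports below 1024) were not carried over. Because the file is sourced as shell by both firehol and fireqos, I would open it with a comment such as `# Service definitions shared by firehol and fireqos; sourced as shell, the tool-specific services file is read afterwards and overrides these.` and restore the portmap remark next to `client_portmap_ports`. The aliases (icmp, ms_ds, sunrpc, webcache) are now literal copies rather than `${...}` references, so a later port change has to be made in two places; a one-line comment on each alias would flag that.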

39
sbin/services.firehol Normal file

@ -0,0 +1,39 @@
client_all_ports="any"
server_all_ports="any/any"
helper_all="ftp irc sip pptp proto_gre"
client_any_ports="any"
server_any_ports="any/any"
helper_any=""
client_h323_ports="default"
server_h323_ports="udp/1720 tcp/1720"
helper_h323="h323"
client_httpalt_ports="default"
server_httpalt_ports="tcp/8080"
client_ICMPV6_ports="any"
server_ICMPV6_ports="icmpv6/any"
client_icmpv6_ports="any"
server_icmpv6_ports="icmpv6/any"
client_msn_ports="default"
server_msn_ports="tcp/1863 udp/1863"
client_msnp_ports="default"
server_msnp_ports="tcp/6891"
client_nrpe_ports="default"
server_nrpe_ports="tcp/5666"
client_openvpn_ports="default"
server_openvpn_ports="tcp/1194 udp/1194"
client_sip_ports="5060 default"
server_sip_ports="tcp/5060 udp/5060"
helper_sip="sip"
client_tomcat_ports="default"
server_tomcat_ports="tcp/8080"

12
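--- /dev/null
+++ b/sbin/services.fireqos
@@ -0,0 +1,12 @@
+server_facetime_ports="udp/3478:3497 udp/16384:16387 udp/16393:16402"
+server_gtalk_ports="tcp/5222 tcp/5228"
+server_h323_ports="tcp/1720"
+server_hangouts_ports="udp/19302:19309 tcp/19305:19309"
+server_msn_ports="tcp/6891"
+server_ping_ports="icmp/any"
+server_sip_ports="udp/5060"
+server_surfing_ports="tcp/0:1023"
+server_tcp_ports="tcp/any"
+server_teamviewer_ports="tcp/5938"
+server_torrents_ports="tcp/6881:6999 udp/6881:6999"
+server_udp_ports="udp/any"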
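Review bot: `server_h323_ports`, `server_msn_ports` and `server_sip_ports` are also defined in sbin/services.firehol with different values (for msn, `tcp/6891` here against `tcp/1863 udp/1863` there), and nothing in this file says the difference is intended. The values match what fireqos defined before the move, so behaviour is preserved, but a reader comparing the two files cannot tell a deliberate override from a stale copy. I would add a header comment such as `# FireQOS-only definitions and overrides; sourced after services.common.`.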

@ -100,6 +100,7 @@ export FIREHOL_OVERRIDE_PROGRAM_DIR=$MYTMP/prog
mkdir -p "$FIREHOL_OVERRIDE_PROGRAM_DIR"
sed -e "s#[@].*POST[@]#$MYTMP#" ../sbin/install.config.in > "$FIREHOL_OVERRIDE_PROGRAM_DIR/install.config"
cp $dirname/../sbin/functions.* "$FIREHOL_OVERRIDE_PROGRAM_DIR"
cp $dirname/../sbin/services.* "$FIREHOL_OVERRIDE_PROGRAM_DIR/"
verbose=0
if [ "$1" = "-v" ]