Junos Space SDK > Developer Guides > Junos Space Application Developer Guide > Programming with the Junos Space SDK > Using the Junos Space SDK Plug-in

Defining Firewall Rules for Your Application with sockets.xml

If your application requires custom ports to be opened in the firewall, you can define these ports by adding extra firewall rules in a sockets.xml file under the app-info folder of your application. See examples of sockets.xml in the EarContent/META-INF/app-info folders of the reference applications that accompany the Junos Space SDK. If your application does not open custom firewall ports, a sockets.xml file is not needed.

Use the following syntax for your sockets.xml:

<SOCKETS>
    <INBOUND>
      <PROTOCOL>[tcp|udp]</PROTOCOL>
      <DEST>
          <ADDR>[ip address|@ANY|@CLUSTER]</ADDR>
          <PORT>[port number|@ANY]</PORT>
      </DEST>
            
      <SOURCE>
          <ADDR>[ip address|@ANY|@CLUSTER]</ADDR>
          <PORT>[port number|@ANY]</PORT>
      </SOURCE>
    </INBOUND>
            
    <OUTBOUND>
            
          [same as INBOUND]
            
    </OUTBOUND>
</SOCKETS>
            

An INBOUND or OUTBOUND element must define at least one DEST or one SOURCE or one of each, but not multiple DESTs or SOURCEs. Define multiple DESTs or SOURCEs by defining mutliple INBOUND or OUTBOUND containers.

Specify the PROTOCOL type for the inbound or outbound connection as tcp or udp.

Allow traffic from SOURCE or to DEST addresses by specifying one of the following values for ADDR:

Allow traffic from SOURCE or to DEST ports by specifying one of the following values for PORT:

Valid syntax for an OUTBOUND connection is identical to the syntax described for INBOUND.