Tag Elements Beginning with A > <application> (configuration/applications)

Usage

<configuration>
    <applications>
        <application>
            <name>name</name> <!-- identifier -->
            <application-protocol>application-protocol-choice</application-protocol>
            <protocol>protocol-choice</protocol>
            <source-port>source-port-choice</source-port>
            <destination-port>destination-port-choice</destination-port>
            <snmp-command>snmp-command-choice</snmp-command>
            <icmp-type>icmp-type-choice</icmp-type>
            <icmp-code>icmp-code-choice</icmp-code>
            <ttl-threshold>ttl-threshold</ttl-threshold>
            <rpc-program-number>rpc-program-number</rpc-program-number>
            <uuid>uuid</uuid>
            <inactivity-timeout>inactivity-timeout-choice</inactivity-timeout>
            <learn-sip-register/>
            <sip-call-hold-timeout>seconds</sip-call-hold-timeout>
            <do-not-translate-AAAA-query-to-A-query/>
            <do-not-translate-A-query-to-AAAA-query/>
        </application>
    </applications>
</configuration>

Description

Define an application.

Contents

<application-protocol>—Application protocol type.

• bootp—Bootstrap protocol.
• dce-rpc—DCE RPC.
• dce-rpc-portmap—DCE RPC portmap.
• dns—Domain Name Service.
• exec—Remote Execution Protocol.
• ftp—File Transfer Protocol.
• h323—H.323.
• icmp—ICMP.
• ignore—Ignore application type.
• iiop—Internet Inter-ORB Protocol.
• ip—IP.
• login—Login.
• mgcp-ca—MGCP-CA.
• mgcp-ua—MGCP-UA.
• ms-rpc—Microsoft RPC.
• netbios—NetBIOS.
• netshow—NetShow.
• pptp—Point-to-Point Tunneling Protocol.
• q931—Q.931.
• ras—RAS.
• realaudio—RealAudio.
• rpc—RPC.
• rpc-portmap—RPC portmap.
• rsh—Remote Shell.
• rtsp—Real Time Streaming Protocol.
• sccp—Skinny Client Control Protocol.
• shell—Shell.
• sip—Session Initiation Protocol.
• snmp—SNMP.
• sqlnet—SQLNet.
• sqlnet-v2—Oracle SQL*Net Version 2.
• sun-rpc—Sun Microsystems RPC.
• talk—Talk Program.
• tftp—Trivial File Transfer Protocol.
• traceroute—Traceroute.
• winframe—WinFrame.

<destination-port>—Match TCP/UDP destination port.

• afs—AFS.
• bgp—Border Gateway Protocol.
• biff—Biff/Comsat.
• bootpc—Bootstrap protocol client.
• bootps—Bootstrap protocol server.
• cmd—UNIX rsh.
• cvspserver—CVS pserver.
• dhcp—Dynamic Host Configuration Protocol.
• domain—Domain Name System (DNS).
• eklogin—Encrypted Kerberos rlogin.
• ekshell—Encrypted Kerberos rsh.
• exec—UNIX rexec.
• finger—Finger.
• ftp—FTP.
• ftp-data—FTP data.
• http—Hypertext Transfer Protocol.
• https—Secure HTTP.
• ident—Ident.
• imap—Internet Message Access Protocol.
• kerberos-sec—Kerberos Security.
• klogin—Kerberos rlogin.
• kpasswd—Kerberos passwd.
• krb-prop—Kerberos database propagation.
• krbupdate—Kerberos database update.
• kshell—Kerberos rsh.
• ldap—Lightweight Directory Access Protocol.
• ldp—Label Distribution Protocol.
• login—UNIX rlogin.
• mobileip-agent—Mobile IP agent.
• mobilip-mn—Mobile IP MN.
• msdp—Multicast Source Discovery Protocol.
• netbios-dgm—NetBIOS DGM.
• netbios-ns—NetBIOS name service.
• netbios-ssn—NetBIOS session service.
• nfsd—Network File System.
• nntp—Network News Transport Protocol.
• ntalk—New Talk.
• ntp—Network Time Protocol.
• pop3—Post Office Protocol 3.
• pptp—Point-to-Point Tunneling Protocol.
• printer—Printer.
• radacct—RADIUS accounting.
• radius—RADIUS authentication.
• range—Range of values.
• rip—Routing Information Protocol.
• rkinit—Kerberos remote kinit.
• smtp—Simple Mail Transfer Protocol.
• snmp—Simple Network Management Protocol.
• snmptrap—SNMP traps.
• snpp—Simple paging protocol.
• socks—Socks.
• ssh—Secure shell.
• sunrpc—Sun Microsystems remote procedure call.
• syslog—System log.
• tacacs—TACACS or TACACS+.
• tacacs-ds—TACACS-DS.
• talk—UNIX Talk.
• telnet—Telnet.
• tftp—Trivial FTP.
• timed—UNIX time daemon.
• who—UNIX rwho.
• xdmcp—X Display Manager Control Protocol.

<do-not-translate-A-query-to-AAAA-query>—Knob to control the translation of A query to AAAA query.

<do-not-translate-AAAA-query-to-A-query>—Knob to control the translation of AAAA query to A query.

<icmp-code>—Match ICMP message code.

• communication-prohibited-by-filtering—Communication prohibited by filtering.
• destination-host-prohibited—Destination host prohibited.
• destination-host-unknown—Destination host unknown.
• destination-network-prohibited—Destination network prohibited.
• destination-network-unknown—Destination network unknown.
• fragmentation-needed—Fragmentation needed.
• host-precedence-violation—Host precedence violation.
• host-unreachable—Host unreachable.
• host-unreachable-for-tos—Host unreachable for ToS.
• ip-header-bad—IP header bad.
• network-unreachable—Network unreachable.
• network-unreachable-for-tos—Network unreachable for ToS.
• number—Numeric code value (0 .. 255).
• port-unreachable—Port unreachable.
• precedence-cutoff-in-effect—Precedence cutoff in effect.
• protocol-unreachable—Protocol unreachable.
• redirect-for-host—Redirect for host.
• redirect-for-network—Redirect for network.
• redirect-for-tos-and-host—Redirect for ToS and host.
• redirect-for-tos-and-net—Redirect for ToS and net.
• required-option-missing—Required option missing.
• source-host-isolated—Source host isolated.
• source-route-failed—Source route failed.
• ttl-eq-zero-during-reassembly—TTL eq zero during reassembly.
• ttl-eq-zero-during-transit—TTL eq zero during transit.

<icmp-type>—Match ICMP message type.

• echo-reply—Echo reply.
• echo-request—Echo request.
• info-reply—Informational reply.
• info-request—Informational request.
• mask-reply—Mask reply.
• mask-request—Mask request.
• number—Numeric type value (0 .. 255).
• parameter-problem—Parameter problem.
• redirect—Redirect.
• router-advertisement—Router advertisement.
• router-solicit—Router solicit.
• source-quench—Source quench.
• time-exceeded—Time exceeded.
• timestamp—Timestamp.
• timestamp-reply—Timestamp reply.
• unreachable—Unreachable.

<inactivity-timeout>—Application-specific inactivity timeout.

• never—Disables inactivity timeout.
• timeout—Number of seconds (4 .. 86400).

<learn-sip-register>—Learn potential incoming SIP calls by inspecting the SIP register method.

<name>—Application name.

<protocol>—Match IP protocol type.

• ah—IP Security authentication header.
• egp—Exterior gateway protocol.
• esp—IPSec Encapsulating Security Payload.
• gre—Generic routing encapsulation.
• icmp—Internet Control Message Protocol.
• igmp—Internet Group Management Protocol.
• ipip—IP in IP.
• number—Numeric protocol value (0 .. 255).
• ospf—Open Shortest Path First.
• pim—Protocol Independent Multicast.
• rsvp—Resource Reservation Protocol.
• sctp—Stream Control Transmission Protocol.
• tcp—Transmission Control Protocol.
• udp—User Datagram Protocol.

<rpc-program-number>—Match range of RPC program numbers.

<sip-call-hold-timeout>—SIP flow timeout when call is put on hold.

<snmp-command>—Match SNMP command.

• get—Get request.
• get-next—Get-next request.
• get-response—Get response.
• set—Set request.
• trap—Trap.

<source-port>—Match TCP/UDP source port.

• afs—AFS.
• bgp—Border Gateway Protocol.
• biff—Biff/Comsat.
• bootpc—Bootstrap protocol client.
• bootps—Bootstrap protocol server.
• cmd—UNIX rsh.
• cvspserver—CVS pserver.
• dhcp—Dynamic Host Configuration Protocol.
• domain—Domain Name System (DNS).
• eklogin—Encrypted Kerberos rlogin.
• ekshell—Encrypted Kerberos rsh.
• exec—UNIX rexec.
• finger—Finger.
• ftp—FTP.
• ftp-data—FTP data.
• http—Hypertext Transfer Protocol.
• https—Secure HTTP.
• ident—Ident.
• imap—Internet Message Access Protocol.
• kerberos-sec—Kerberos Security.
• klogin—Kerberos rlogin.
• kpasswd—Kerberos passwd.
• krb-prop—Kerberos database propagation.
• krbupdate—Kerberos database update.
• kshell—Kerberos rsh.
• ldap—Lightweight Directory Access Protocol.
• ldp—Label Distribution Protocol.
• login—UNIX rlogin.
• mobileip-agent—Mobile IP agent.
• mobilip-mn—Mobile IP MN.
• msdp—Multicast Source Discovery Protocol.
• netbios-dgm—NetBIOS DGM.
• netbios-ns—NetBIOS name service.
• netbios-ssn—NetBIOS session service.
• nfsd—Network File System.
• nntp—Network News Transport Protocol.
• ntalk—New Talk.
• ntp—Network Time Protocol.
• pop3—Post Office Protocol 3.
• pptp—Point-to-Point Tunneling Protocol.
• printer—Printer.
• radacct—RADIUS accounting.
• radius—RADIUS authentication.
• range—Range of values.
• rip—Routing Information Protocol.
• rkinit—Kerberos remote kinit.
• smtp—Simple Mail Transfer Protocol.
• snmp—Simple Network Management Protocol.
• snmptrap—SNMP traps.
• snpp—Simple paging protocol.
• socks—Socks.
• ssh—Secure shell.
• sunrpc—Sun Microsystems remote procedure call.
• syslog—System log.
• tacacs—TACACS or TACACS+.
• tacacs-ds—TACACS-DS.
• talk—UNIX Talk.
• telnet—Telnet.
• tftp—Trivial FTP.
• timed—UNIX time daemon.
• who—UNIX rwho.
• xdmcp—X Display Manager Control Protocol.

<ttl-threshold>—Traceroute TTL threshold.

<uuid>—Match universal unique identifier for DCE RPC objects.