onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-18 17:27:20 +01:00
Code Issues Releases Wiki Activity

removed unused files; switched to var FWBUILDER_XML_VERSION for data file version everywhere; removed unused libfwbuilder version vars from configure and .h files

Browse Source
This commit is contained in:
Vadim Kurland 2010-12-25 22:12:33 -08:00
parent 225cc320b7
commit 8dc8dc3a05
14 changed files with 12 additions and 733 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
VERSION
View File

@ -29,11 +29,6 @@ LIBFWBUILDER_CURRENT=9
LIBFWBUILDER_REVISION=1
LIBFWBUILDER_AGE=0
LIBFWBUILDER_SO_VERSION=${LIBFWBUILDER_CURRENT}:${LIBFWBUILDER_REVISION}:${LIBFWBUILDER_AGE}
LIBFWBUILDER_SOLIB_VERSION=${LIBFWBUILDER_CURRENT}.${LIBFWBUILDER_REVISION}.${LIBFWBUILDER_AGE}
LIBFWBUILDER_SOLIB_SYMLINK1_VERSION=${LIBFWBUILDER_CURRENT}.${LIBFWBUILDER_REVISION}
LIBFWBUILDER_SOLIB_SYMLINK2_VERSION=${LIBFWBUILDER_CURRENT}
# Data format version
FWBUILDER_XML_VERSION=17

14
configure.in
View File

@ -38,30 +38,18 @@ AC_SUBST(FWB_MICRO_VERSION)
AC_SUBST(FWB_VERSION)
# libfwbuilder versions
AC_SUBST(LIBMAJOR)
AC_SUBST(LIBFWBUILDER_SO_VERSION)
AC_SUBST(LIBFWBUILDER_SOLIB_VERSION)
AC_SUBST(LIBFWBUILDER_VERSION)
#AC_SUBST(LIBFWBUILDER_LIB_VER)
AC_SUBST(LIBFWBUILDER_SOLIB_SYMLINK1_VERSION)
AC_SUBST(LIBFWBUILDER_SOLIB_SYMLINK2_VERSION)
AC_SUBST(FWBUILDER_XML_VERSION)
SHORTVERSION=${FWB_MAJOR_VERSION}${FWB_MINOR_VERSION}${FWB_MICRO_VERSION}
AC_SUBST(SHORTVERSION)
LIBFWBUILDER_FORMAT_VERSION="${LIBFWBUILDER_VERSION}"
AC_DEFINE_UNQUOTED(LIBFWBUILDER_FORMAT_VERSION, "${LIBFWBUILDER_FORMAT_VERSION}")
AC_DEFINE_UNQUOTED(FWBUILDER_XML_VERSION, "$FWBUILDER_XML_VERSION")
echo "Creating VERSION.h file..."
echo "#define VERSION \"$VERSION\"" > VERSION.h
echo "Creating libfwbuilder-version.h file..."
echo "#define LIBFWBUILDER_VERSION \"$LIBFWBUILDER_VERSION\"" > src/libfwbuilder/src/fwbuilder/libfwbuilder-version.h
echo "#define LIBFWBUILDER_FORMAT_VERSION \"$FWBUILDER_XML_VERSION\"" >> src/libfwbuilder/src/fwbuilder/libfwbuilder-version.h
dnl try to find QT
dnl
AC_ARG_WITH(qtdir,[ --with-qtdir=DIR Specify directory path for QT ])

1
src/libfwbuilder/qmake.inc.in
View File

@ -4,7 +4,6 @@
#
QTDIR = $$(QTDIR)
TEMPLATE = lib
SO_VERSION = @LIBFWBUILDER_SOLIB_VERSION@
DEFINES += $$(DEFINES)
INCLUDEPATH += .. ../.. $$(INCLUDEPATH)
LANGUAGE = C++

9
src/libfwbuilder/src/fwbuilder/Constants.cpp
View File

@ -24,8 +24,9 @@
*/
#include <fwbuilder/Constants.h>
#include <fwbuilder/libfwbuilder-config.h>
#include "../../config.h"
#include "fwbuilder/Constants.h"
#include "fwbuilder/libfwbuilder-config.h"
using namespace std;
using namespace libfwbuilder;
@ -37,12 +38,12 @@ const string Constants::getLibraryDescription()
const string Constants::getLibraryVersion()
{
return string(LIBFWBUILDER_VERSION);
return string(VERSION);
}
const string Constants::getDataFormatVersion()
{
return string(LIBFWBUILDER_FORMAT_VERSION);
return string(FWBUILDER_XML_VERSION);
}
const string Constants::getTemplateDirectory()

6
src/libfwbuilder/src/fwbuilder/FWObjectDatabase.cpp
View File

@ -433,7 +433,7 @@ xmlNodePtr FWObjectDatabase::toXML(xmlNodePtr parent) throw(FWException)
xmlNewProp(parent,
TOXMLCAST("version") ,
TOXMLCAST(LIBFWBUILDER_FORMAT_VERSION));
TOXMLCAST(FWBUILDER_XML_VERSION));
if (lastModified!=0)
{
@ -448,8 +448,8 @@ xmlNodePtr FWObjectDatabase::toXML(xmlNodePtr parent) throw(FWException)
//NOTUSED xmlAttrPtr pr =
xmlNewProp(parent,
TOXMLCAST("id") ,
STRTOXMLCAST(id_dict[rootid]));
TOXMLCAST("id") ,
STRTOXMLCAST(id_dict[rootid]));
//xmlAddID(NULL, parent->doc, STRTOXMLCAST(id_dict[rootid]), pr);

4
src/libfwbuilder/src/fwbuilder/XMLTools.h
View File

@ -89,7 +89,7 @@ class XMLTools
const std::string &dtd_file,
const UpgradePredicate *upgrade,
const std::string &template_dir,
const std::string &current_version = std::string(LIBFWBUILDER_FORMAT_VERSION)
const std::string &current_version = std::string(FWBUILDER_XML_VERSION)
) throw(FWException);
static void setDTD(xmlDocPtr doc,
@ -192,7 +192,7 @@ class XMLTools
const std::string &file_name,
const std::string &type_name,
const std::string &template_dir,
const std::string &current_version = std::string(LIBFWBUILDER_FORMAT_VERSION)
const std::string &current_version = std::string(FWBUILDER_XML_VERSION)
) throw(FWException);
/**

1
src/libfwbuilder/src/fwbuilder/fwbuilder.pro
View File

@ -5,7 +5,6 @@ include(../../qmake.inc)
TEMPLATE = lib
CONFIG += staticlib
VERSION = $$SO_VERSION
#
SOURCES = InetAddr.cpp \
InetAddrMask.cpp \

3
src/libfwbuilder/src/fwbuilder/libfwbuilder-config.h.in
View File

@ -1,10 +1,9 @@
#include "libfwbuilder-version.h"
#ifdef _WIN32
# pragma warning(disable:4786)
#endif
#undef FWBUILDER_XML_VERSION
/*
* Template files directory dir

2
src/libfwbuilder/src/fwbuilder/libfwbuilder-version.h
View File

@ -1,2 +0,0 @@
#define LIBFWBUILDER_VERSION ""
#define LIBFWBUILDER_FORMAT_VERSION "17"

139
src/libfwbuilder/src/test/ipAddressTest.cpp
View File

@ -1,139 +0,0 @@
/*
Firewall Builder
Copyright (C) 2000 NetCitadel, LLC
Author: Vadim Kurland vadim@vk.crocodile.org
$Id: ipAddressTest.cpp 918 2006-03-05 06:07:10Z vkurland $
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To get a copy of the GNU General Public License, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "fwbuilder/libfwbuilder-config.h"
#include "fwbuilder/FWObjectDatabase.h"
#include "fwbuilder/FWException.h"
#include "fwbuilder/IPAddress.h"
#include "fwbuilder/AddressRange.h"
#include <fstream>
#include <iostream>
using namespace libfwbuilder;
using namespace std;
void IPAddressTest(FWObjectDatabase *objdb)
{
cout << endl;
cout << "*** Testing IP address arithmetics" << endl;
IPAddress *a=new IPAddress("192.168.1.127");
cout << "created IPAddress object: " << a->toString() << endl;
cout << " trying address arithmetics:\n";
cout << " testing address increment by 1: a1+1=" << (*a+1).toString() << endl;
cout << " testing address decrement by 1: a1-1=" << (*a-1).toString() << endl;
IPAddress *b=new IPAddress("192.168.1.254");
cout << "created IPAddress object: " << b->toString() << endl;
cout << " testing address increments by 1:" << endl;
*b=*b+1;
cout << " " << b->toString() << endl;
*b=*b+1;
cout << " " << b->toString() << endl;
*b=*b+1;
cout << " " << b->toString() << endl;
b=new IPAddress("255.255.255.254");
cout << "created IPAddress object: " << b->toString() << endl;
*b=*b+1;
cout << " " << b->toString() << endl;
*b=*b+1;
cout << " " << b->toString() << endl;
*b=*b+1;
cout << " " << b->toString() << endl;
Netmask *m=new Netmask("255.255.252.0");
cout << "created Netmask object: " << m->toString() << endl;
cout << " testing getLength: length of this netmask is " << m->getLength() << " bits" << endl;
AddressRange *range1=AddressRange::cast(
objdb->create(AddressRange::TYPENAME) );
range1->setRangeStart( IPAddress("192.168.1.1") );
range1->setRangeEnd( IPAddress("192.168.1.11"));
cout << "Created address range : " << range1->getRangeStart().toString()
<< "-" << range1->getRangeEnd().toString() << endl;
cout << " converting addresses to guint32\n";
cout << " a1=" << range1->getRangeStart().to32BitInt() << endl;
cout << " a2=" << range1->getRangeEnd().to32BitInt() << endl;
cout << " Range dimension is " << range1->dimension() << endl;
cout << endl;
cout << " Testing conversion of address range to a set of networks." << endl;
cout << " Need two addresses that define address range start and end:" << endl;
string s;
cout << " Enter address range start address: ";
cin >> s;
IPAddress *a1=new IPAddress(s);
cout << " Enter address range end address: ";
cin >> s;
IPAddress *a2=new IPAddress(s);
guint32 size = htonl(a2->to32BitInt())-htonl(a1->to32BitInt()) + 1;
cout << "Trying to convert range "
<< a1->toString() << "-" << a2->toString()
<< " (" << size << " addresses) "
<< " to networks" << endl;
vector<InetAddrMask> vn=libfwbuilder::convertAddressRange(*a1,*a2);
for (vector<InetAddrMask>::iterator i=vn.begin(); i!=vn.end(); i++)
{
IPAddress bcast=i->getBroadcastAddress();
size=ntohl(bcast.to32BitInt()) - ntohl(i->getAddress().to32BitInt()) + 1;
cout << i->getAddress().toString()
<< "/"
<< i->getNetmask().toString()
<< endl;
cout << " "
<< " broadcast: "
<< bcast.toString()
<< ", "
<< size
<< " addresses"
<< endl;
}
}

160
src/libfwbuilder/src/test/main.cpp
View File

@ -1,160 +0,0 @@
/*
Firewall Builder
Copyright (C) 2000 NetCitadel, LLC
Author: Vadim Kurland vadim@vk.crocodile.org
$Id: main.cpp 918 2006-03-05 06:07:10Z vkurland $
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To get a copy of the GNU General Public License, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "fwbuilder/libfwbuilder-config.h"
// #include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <ctype.h>
#include "fwbuilder/FWObjectDatabase.h"
#include "fwbuilder/XMLTools.h"
#include "fwbuilder/FWException.h"
#include "fwbuilder/IPAddress.h"
#include "fwbuilder/AddressRange.h"
#include "fwbuilder/Host.h"
#include "fwbuilder/ObjectGroup.h"
#include <fstream>
#include <iostream>
#include <algorithm>
#include <functional>
#ifndef _WIN32
# include <sys/types.h>
# include <netinet/in.h>
#else
# include <winsock2.h>
#endif
#include <getopt.h>
using namespace libfwbuilder;
using namespace std;
extern void removeObjectTest(FWObjectDatabase* db);
extern void IPAddressTest(FWObjectDatabase* db);
char *filename="test.xml";
FWObjectDatabase *objdb = NULL;
void usage()
{
cout << " test [-h] [-f testfile.xml] " << endl;
}
class UpgradePredicate: public XMLTools::UpgradePredicate
{
public:
virtual bool operator()(const string &msg) const
{
cout << "Data file has been created in the old version of Firewall Builder. Use fwbuilder GUI to convert it." << endl;
return false;
}
};
void initAll()
{
libfwbuilder::init();
/* create database */
objdb = new FWObjectDatabase();
/* load the data file */
UpgradePredicate upgrade_predicate;
// cout << " *** Loading test file " << filename << " ..\n";
// FWObjectDatabase::db->load(filename, &upgrade_predicate, LIBFWBUILDER_TEMPLATE_DIR);
// cout << "done\n";
}
int main(int argc, char * const *argv)
{
#if defined(WORDS_LITTLEENDIAN)
cout << "Byte order: WORDS_LITTLEENDIAN" << endl;
#elif defined(WORDS_BIGENDIAN)
cout << "Byte order: WORDS_BIGENDIAN" << endl;
#else
cout << "Byte order: undefined" << endl;
#endif
cout << "Program executable: " << argv[0] << endl;
int c;
while ((c = getopt (argc , argv , "?hf:")) != EOF )
switch (c) {
case '?':
case 'h':
usage();
return(0);
case 'f':
filename=strdup(optarg);
break;
}
try {
initAll();
IPAddressTest(objdb);
removeObjectTest(objdb);
return 0;
} catch(FWException &ex) {
cerr << ex.toString() << endl;
return 1;
} catch (std::string s) {
cerr << s;
return 1;
} catch (std::exception ex) {
cerr << ex.what();
return 1;
} catch (...) {
cerr << "Unsupported exception";
return 1;
}
return 0;
}

93
src/libfwbuilder/src/test/removeObjectTest.cpp
View File

@ -1,93 +0,0 @@
/*
Firewall Builder
Copyright (C) 2000 NetCitadel, LLC
Author: Vadim Kurland vadim@vk.crocodile.org
$Id: removeObjectTest.cpp 918 2006-03-05 06:07:10Z vkurland $
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To get a copy of the GNU General Public License, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "fwbuilder/libfwbuilder-config.h"
#include "fwbuilder/FWObjectDatabase.h"
#include "fwbuilder/FWException.h"
#include "fwbuilder/Host.h"
#include "fwbuilder/ObjectGroup.h"
#include <fstream>
#include <iostream>
using namespace libfwbuilder;
using namespace std;
string generateHostName(int n)
{
char s[32];
sprintf(s,"Host_%d",n);
return string(s);
}
/*
* adds host with the name "Host_N" and ID = "ID_host_N"
*/
FWObject* createHost( FWObjectDatabase *db , int N)
{
Host *h=Host::cast( db->create(Host::TYPENAME, true) );
h->setName( generateHostName(N) );
return h;
}
void deleteObject( FWObjectDatabase *db,FWObject *obj)
{
db->removeAllInstances(obj);
}
void removeObjectTest(FWObjectDatabase *objdb)
{
cout << endl;
cout << "*** Testing object search and removal" << endl;
string id50;
int N=2000;
cout << " *** Create " << N << " Host objects ..\n";
for (int i=0; i<N; ++i) {
FWObject *h=createHost( objdb , i );
objdb->add(h);
if (i==50) id50=h->getId();
}
cout << "done\n";
cout << " *** Find host #50 ( id=" << id50 << " )..." << endl;
FWObject *obj=objdb->getById( id50 , true );
cout << "done. Obj=" << obj << endl;
/* delete host number 50 */
cout << " *** Delete host #50 ..." << endl;
deleteObject( objdb , obj );
cout << "done\n";
}

37
src/libfwbuilder/src/test/test.pro
View File

@ -1,37 +0,0 @@
#-*- mode: makefile; tab-width: 4; -*-
#
include(../../qmake.inc)
#
TEMPLATE= app
#
VERSION = $$SO_VERSION
#
SOURCES = ipAddressTest.cpp \
main.cpp \
removeObjectTest.cpp
#
TARGET = test
win32:target.path =$$prefix/
unix:target.path =$$prefix/usr/bin
macx:target.path =$$prefix/
unix {
CONFIG -= qt
CONFIG += warn_on debug
INCLUDEPATH += ../
LIBS += -L../fwbuilder -lfwbuilder -pthread -lxslt -lxml2 -lz -lm -lssl -lcrypto /usr/lib/libresolv.a
}
win32 {
CONFIG -= qt
CONFIG += thread rtti stl warn_on release
DEFINES += LIBXML_STATIC LIBXSLT_STATIC LIBEXSLT_STATIC XMLSEC_STATIC
INCLUDEPATH += Z:\include C:\local\include
LIBS += -LZ: -LC:\local\lib
LIBS += fwbuilder.lib ws2_32.lib pthreadVC.lib getopt.lib
LIBS += libxml2.lib libxslt.lib zlib.lib ssleay32.lib libeay32.lib
}
INSTALLS -= target

271
src/libfwbuilder/src/test/test.xml
View File

@ -1,271 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="2.0.0" id="root">
<Library ro="True" id="syslib000" name="Standard" comment="Standard objects" color="#d4f8ff">
<AnyNetwork comment="Any Network" id="sysid0" name="Any" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService comment="Any IP Service" id="sysid1" name="Any" protocol_num="0"/>
<AnyInterval comment="Any Interval" from_day="-1" from_hour="-1" from_minute="-1" from_month="-1" from_weekday="-1" from_year="-1" id="sysid2" name="Any" to_day="-1" to_hour="-1" to_minute="-1" to_month="-1" to_weekday="-1" to_year="-1"/>
<ObjectGroup id="stdid01" name="Objects">
<ObjectGroup id="stdid16" name="Addresses"/>
<ObjectGroup id="stdid04" name="Groups">
<ObjectGroup id="id3DC75CE8" name="rfc1918-nets">
<ObjectRef ref="id3DC75CE5"/>
<ObjectRef ref="id3DC75CE6"/>
<ObjectRef ref="id3DC75CE7"/>
</ObjectGroup>
</ObjectGroup>
<ObjectGroup id="stdid02" name="Hosts"/>
<ObjectGroup id="stdid03" name="Networks">
<Network comment="224.0.0.0/4 - This block, formerly known as the Class D address space, is allocated for use in IPv4 multicast address assignments. The IANA guidelines for assignments from this space are described in [RFC3171]. " id="id3DC75CEC" name="all multicasts" address="224.0.0.0" netmask="240.0.0.0"/>
<Network comment="169.254.0.0/16 - This is the &quot;link local&quot; block. It is allocated for communication between hosts on a single link. Hosts obtain these addresses by auto-configuration, such as when a DHCP server may not be found. " id="id3F4ECE3E" name="link-local" address="169.254.0.0" netmask="255.255.0.0"/>
<Network comment="127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host. This is ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5]. " id="id3F4ECE3D" name="loopback-net" address="127.0.0.0" netmask="255.0.0.0"/>
<Network comment="10.0.0.0/8 - This block is set aside for use in private networks. Its intended use is documented in [RFC1918]. Addresses within this block should not appear on the public Internet." id="id3DC75CE5" name="net-10.0.0.0" address="10.0.0.0" netmask="255.0.0.0"/>
<Network comment="172.16.0.0/12 - This block is set aside for use in private networks. Its intended use is documented in [RFC1918]. Addresses within this block should not appear on the public Internet. " id="id3DC75CE7" name="net-172.16.0.0" address="172.16.0.0" netmask="255.240.0.0"/>
<Network comment="192.168.0.0/16 - This block is set aside for use in private networks. Its intended use is documented in [RFC1918]. Addresses within this block should not appear on the public Internet. " id="id3DC75CE6" name="net-192.168.0.0" address="192.168.0.0" netmask="255.255.0.0"/>
<Network comment="192.0.2.0/24 - This block is assigned as &quot;TEST-NET&quot; for use in documentation and example code. It is often used in conjunction with domain names example.com or example.net in vendor and protocol documentation. Addresses within this block should not appear on the public Internet. " id="id3F4ECE3F" name="test-net" address="192.0.2.0" netmask="255.255.255.0"/>
<Network comment="0.0.0.0/8 - Addresses in this block refer to source hosts on &quot;this&quot; network. Address 0.0.0.0/32 may be used as a source address for this host on this network; other addresses within 0.0.0.0/8 may be used to refer to specified hosts on this network [RFC1700, page 4]." id="id3F4ECE40" name="this-net" address="0.0.0.0" netmask="255.0.0.0"/>
</ObjectGroup>
<ObjectGroup id="stdid15" name="Address Ranges">
<AddressRange comment="" id="id3F6D115C" name="broadcast" start_address="255.255.255.255" end_address="255.255.255.255"/>
<AddressRange comment="" id="id3F6D115D" name="old-broadcast" start_address="0.0.0.0" end_address="0.0.0.0"/>
</ObjectGroup>
</ObjectGroup>
<ServiceGroup id="stdid05" name="Services">
<CustomService comment="This service matches all packets which are part of network connections established through the firewall, or connections 'related' to those established through the firewall. Term 'established' refers to the state tracking mechanism which exists inside iptables and other stateful firewalls and does not mean any particular combination of packet header options. Packet is considered to correspond to the state 'ESTABLISHED' if it belongs to the network session, for which proper initiation has been seen by the firewall, so its stateful inspection module made appropriate record in the state table. Usually stateful firewalls keep track of network connections using not only tcp protocol, but also udp and sometimes even icmp protocols. 'RELATED' describes packet belonging to a separate network connection, related to the session firewall is keeping track of. One example is FTP command and FTP data sessions." id="stdid14_1" name="ESTABLISHED">
<CustomServiceCommand platform="Undefined"/>
<CustomServiceCommand platform="ipfilter"/>
<CustomServiceCommand platform="ipfw">established</CustomServiceCommand>
<CustomServiceCommand platform="iptables">-m state --state ESTABLISHED,RELATED</CustomServiceCommand>
</CustomService>
<ServiceGroup id="stdid10" name="Groups">
<ServiceGroup comment="" id="sg-DHCP" name="DHCP">
<ServiceRef ref="udp-bootpc"/>
<ServiceRef ref="udp-bootps"/>
</ServiceGroup>
<ServiceGroup id="id3F530CC8" name="DNS">
<ServiceRef ref="udp-DNS"/>
<ServiceRef ref="tcp-DNS"/>
</ServiceGroup>
<ServiceGroup id="id3CB1279B" name="IPSEC">
<ServiceRef ref="id3CB12797"/>
<ServiceRef ref="ip-IPSEC"/>
</ServiceGroup>
<ServiceGroup comment="" id="sg-NETBIOS" name="NETBIOS">
<ServiceRef ref="udp-netbios-dgm"/>
<ServiceRef ref="udp-netbios-ns"/>
<ServiceRef ref="id3E755609"/>
</ServiceGroup>
<ServiceGroup id="id3CB131CC" name="PCAnywhere">
<ServiceRef ref="id3CB131CA"/>
<ServiceRef ref="id3CB131C8"/>
</ServiceGroup>
<ServiceGroup comment="" id="sg-Useful_ICMP" name="Useful_ICMP">
<ServiceRef ref="icmp-Time_exceeded"/>
<ServiceRef ref="icmp-Time_exceeded_in_transit"/>
<ServiceRef ref="icmp-ping_reply"/>
<ServiceRef ref="icmp-Unreachables"/>
</ServiceGroup>
<ServiceGroup id="id3B4FEDD9" name="kerberos">
<ServiceRef ref="id3B4FEDA5"/>
<ServiceRef ref="id3B4FEDA9"/>
<ServiceRef ref="id3B4FEDA7"/>
<ServiceRef ref="id3B4FEDAB"/>
<ServiceRef ref="id3B4FEDA3"/>
<ServiceRef ref="id3B4FEE21"/>
<ServiceRef ref="id3B4FEE23"/>
<ServiceRef ref="id3E7E3EA2"/>
</ServiceGroup>
<ServiceGroup id="id3B4FF35E" name="nfs">
<ServiceRef ref="id3B4FEE7A"/>
<ServiceRef ref="id3B4FEE78"/>
</ServiceGroup>
<ServiceGroup id="id3B4FEFFA" name="quake">
<ServiceRef ref="id3B4FEF7C"/>
<ServiceRef ref="id3B4FEF7E"/>
</ServiceGroup>
<ServiceGroup id="id3D703C9A" name="Real Player">
<ServiceRef ref="id3D703C99"/>
<ServiceRef ref="id3D703C8B"/>
</ServiceGroup>
<ServiceGroup id="id3E7E3E95" name="WinNT">
<ServiceRef ref="sg-NETBIOS"/>
<ServiceRef ref="id3DC8C8BB"/>
<ServiceRef ref="id3E7E3D58"/>
</ServiceGroup>
<ServiceGroup id="id3E7E3E9A" name="Win2000">
<ServiceRef ref="id3E7E3E95"/>
<ServiceRef ref="udp-DNS"/>
<ServiceRef ref="id3DC8C8BC"/>
<ServiceRef ref="id3E7E3EA2"/>
<ServiceRef ref="id3AECF778"/>
<ServiceRef ref="id3D703C90"/>
<ServiceRef ref="id3E7E4039"/>
<ServiceRef ref="id3E7E403A"/>
<ServiceRef ref="id3B4FEDA5"/>
<ServiceRef ref="tcp-DNS"/>
</ServiceGroup>
</ServiceGroup>
<ServiceGroup id="stdid07" name="ICMP">
<ICMPService code="-1" comment="" id="icmp-Unreachables" name="all ICMP unreachables" type="3"/>
<ICMPService code="-1" comment="" id="id3C20EEB5" name="any ICMP" type="-1"/>
<ICMPService code="1" comment="" id="icmp-Host_unreach" name="host_unreach" type="3"/>
<ICMPService code="0" comment="" id="icmp-ping_reply" name="ping reply" type="0"/>
<ICMPService code="0" comment="" id="icmp-ping_request" name="ping request" type="8"/>
<ICMPService code="3" comment="Port unreachable" id="icmp-Port_unreach" name="port unreach" type="3"/>
<ICMPService code="0" comment="ICMP messages of this type are needed for traceroute" id="icmp-Time_exceeded" name="time exceeded" type="11"/>
<ICMPService code="1" comment="" id="icmp-Time_exceeded_in_transit" name="time exceeded in transit" type="11"/>
</ServiceGroup>
<ServiceGroup id="stdid06" name="IP">
<IPService comment="IPSEC Authentication Header Protocol" fragm="False" id="id3CB12797" lsrr="False" name="AH" protocol_num="51" rr="False" short_fragm="False" ssrr="False" ts="False"/>
<IPService comment="IPSEC Encapsulating Security Payload Protocol" fragm="False" id="ip-IPSEC" lsrr="False" name="ESP" protocol_num="50" rr="False" short_fragm="False" ssrr="False" ts="False"/>
<IPService comment="Route recording packets" fragm="False" id="ip-RR" lsrr="False" name="RR" protocol_num="0" rr="True" short_fragm="False" ssrr="False" ts="False"/>
<IPService comment="All sorts of Source Routing Packets" fragm="False" id="ip-SRR" lsrr="True" name="SRR" protocol_num="0" rr="False" short_fragm="False" ssrr="True" ts="False"/>
<IPService comment="'Short' fragments" fragm="False" id="ip-IP_Fragments" lsrr="False" name="ip_fragments" protocol_num="0" rr="False" short_fragm="True" ssrr="False" ts="False"/>
<IPService comment="IPSEC Simple Key Management for Internet Protocols" fragm="False" id="id3D703C8E" lsrr="False" name="SKIP" protocol_num="57" rr="False" short_fragm="False" ssrr="False" ts="False"/>
<IPService comment="Generic Routing Encapsulation " fragm="False" id="id3D703C8F" lsrr="False" name="GRE" protocol_num="47" rr="False" short_fragm="False" ssrr="False" ts="False"/>
<IPService comment="Virtual Router Redundancy Protocol" fragm="False" id="id3D703C95" lsrr="False" name="vrrp" protocol_num="112" rr="False" short_fragm="False" ssrr="False" ts="False"/>
</ServiceGroup>
<ServiceGroup id="stdid09" name="TCP">
<TCPService ack_flag="False" ack_flag_mask="False" comment="ipchains used to use this range of port numbers for masquerading. " dst_range_end="0" dst_range_start="0" fin_flag="False" fin_flag_mask="False" id="tcp-ALL_TCP_Masqueraded" name="ALL TCP Masqueraded" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="65095" src_range_start="61000" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="5190" dst_range_start="5190" fin_flag="False" fin_flag_mask="False" id="id3D703C94" name="AOL" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="0" dst_range_start="0" fin_flag="False" fin_flag_mask="False" id="tcp-All_TCP" name="All TCP" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="1494" dst_range_start="1494" fin_flag="False" fin_flag_mask="False" id="id3CB131C4" name="Citrix-ICA" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="Entrust CA Administration Service" dst_range_end="709" dst_range_start="709" fin_flag="False" fin_flag_mask="False" id="id3D703C91" name="Entrust-Admin" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="Entrust CA Key Management Service" dst_range_end="710" dst_range_start="710" fin_flag="False" fin_flag_mask="False" id="id3D703C92" name="Entrust-KeyMgmt" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="1720" dst_range_start="1720" fin_flag="False" fin_flag_mask="False" id="id3AEDBEAC" name="H323" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="3268" dst_range_start="3268" fin_flag="False" fin_flag_mask="False" id="id3E7E4039" name="LDAP GC" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="3269" dst_range_start="3269" fin_flag="False" fin_flag_mask="False" id="id3E7E403A" name="LDAP GC SSL" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="Open Windows" dst_range_end="2000" dst_range_start="2000" fin_flag="False" fin_flag_mask="False" id="id3D703C83" name="OpenWindows" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="data channel for PCAnywhere v7.52 and later " dst_range_end="5631" dst_range_start="5631" fin_flag="False" fin_flag_mask="False" id="id3CB131C8" name="PCAnywhere-data" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="RealNetworks PNA Protocol" dst_range_end="7070" dst_range_start="7070" fin_flag="False" fin_flag_mask="False" id="id3D703C8B" name="Real-Audio" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="2998" dst_range_start="2998" fin_flag="False" fin_flag_mask="False" id="id3D703C93" name="RealSecure" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="SMB over TCP (without NETBIOS) " dst_range_end="445" dst_range_start="445" fin_flag="False" fin_flag_mask="False" id="id3DC8C8BC" name="SMB" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="49" dst_range_start="49" fin_flag="False" fin_flag_mask="False" id="id3D703C8D" name="TACACSplus" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="TCP high ports" dst_range_end="65535" dst_range_start="1024" fin_flag="False" fin_flag_mask="False" id="id3D703C84" name="TCP high ports" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="42" dst_range_start="42" fin_flag="False" fin_flag_mask="False" id="id3E7E3D58" name="WINS replication" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="X Window System" dst_range_end="6063" dst_range_start="6000" fin_flag="False" fin_flag_mask="False" id="id3D703C82" name="X11" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="113" dst_range_start="113" fin_flag="False" fin_flag_mask="False" id="tcp-Auth" name="auth" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="13" dst_range_start="13" fin_flag="False" fin_flag_mask="False" id="id3AEDBE6E" name="daytime" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="53" dst_range_start="53" fin_flag="False" fin_flag_mask="False" id="tcp-DNS" name="domain" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="2105" dst_range_start="2105" fin_flag="False" fin_flag_mask="False" id="id3B4FEDA3" name="eklogin" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="79" dst_range_start="79" fin_flag="False" fin_flag_mask="False" id="id3AECF774" name="finger" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="21" dst_range_start="21" fin_flag="False" fin_flag_mask="False" id="tcp-FTP" name="ftp" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="FTP data channel. Note: FTP protocol does not really require server to use source port 20 for the data channel, but many ftp server implementations do so." dst_range_end="65535" dst_range_start="1024" fin_flag="False" fin_flag_mask="False" id="tcp-FTP_data" name="ftp data" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="20" src_range_start="20" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="FTP data channel for passive mode transfers " dst_range_end="20" dst_range_start="20" fin_flag="False" fin_flag_mask="False" id="id3E7553BC" name="ftp data passive" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="80" dst_range_start="80" fin_flag="False" fin_flag_mask="False" id="tcp-HTTP" name="http" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="443" dst_range_start="443" fin_flag="False" fin_flag_mask="False" id="id3B4FED69" name="https" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="143" dst_range_start="143" fin_flag="False" fin_flag_mask="False" id="id3AECF776" name="imap" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="993" dst_range_start="993" fin_flag="False" fin_flag_mask="False" id="id3B4FED9F" name="imaps" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="6667" dst_range_start="6667" fin_flag="False" fin_flag_mask="False" id="id3B4FF13C" name="irc" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="88" dst_range_start="88" fin_flag="False" fin_flag_mask="False" id="id3E7E3EA2" name="kerberos" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="543" dst_range_start="543" fin_flag="False" fin_flag_mask="False" id="id3B4FEE21" name="klogin" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="544" dst_range_start="544" fin_flag="False" fin_flag_mask="False" id="id3B4FEE23" name="ksh" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="389" dst_range_start="389" fin_flag="False" fin_flag_mask="False" id="id3AECF778" name="ldap" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="Lightweight Directory Access Protocol over TLS/SSL" dst_range_end="636" dst_range_start="636" fin_flag="False" fin_flag_mask="False" id="id3D703C90" name="ldaps" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="98" dst_range_start="98" fin_flag="False" fin_flag_mask="False" id="id3B4FF000" name="linuxconf" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="98" dst_range_start="98" fin_flag="False" fin_flag_mask="False" id="id3AED0D6D" name="linuxconf" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="515" dst_range_start="515" fin_flag="False" fin_flag_mask="False" id="id3D703C97" name="lpr" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="135" dst_range_start="135" fin_flag="False" fin_flag_mask="False" id="id3DC8C8BB" name="microsoft-rpc" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="Microsoft SQL Server" dst_range_end="1433" dst_range_start="1433" fin_flag="False" fin_flag_mask="False" id="id3D703C98" name="ms-sql" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="3306" dst_range_start="3306" fin_flag="False" fin_flag_mask="False" id="id3B4FEEEE" name="mysql" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="139" dst_range_start="139" fin_flag="False" fin_flag_mask="False" id="id3E755609" name="netbios-ssn" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="2049" dst_range_start="2049" fin_flag="False" fin_flag_mask="False" id="id3B4FEE7A" name="nfs" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="119" dst_range_start="119" fin_flag="False" fin_flag_mask="False" id="tcp-NNTP" name="nntp" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="NNTP over SSL" dst_range_end="563" dst_range_start="563" fin_flag="False" fin_flag_mask="False" id="id3E7553BB" name="nntps" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="110" dst_range_start="110" fin_flag="False" fin_flag_mask="False" id="id3B4FEE1D" name="pop3" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="POP-3 over SSL" dst_range_end="995" dst_range_start="995" fin_flag="False" fin_flag_mask="False" id="id3E7553BA" name="pop3s" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="5432" dst_range_start="5432" fin_flag="False" fin_flag_mask="False" id="id3B4FF0EA" name="postgres" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="515" dst_range_start="515" fin_flag="False" fin_flag_mask="False" id="id3AECF782" name="printer" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="26000" dst_range_start="26000" fin_flag="False" fin_flag_mask="False" id="id3B4FEF7C" name="quake" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="512" dst_range_start="512" fin_flag="False" fin_flag_mask="False" id="id3AECF77A" name="rexec" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="513" dst_range_start="513" fin_flag="False" fin_flag_mask="False" id="id3AECF77C" name="rlogin" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="514" dst_range_start="514" fin_flag="False" fin_flag_mask="False" id="id3AECF77E" name="rshell" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="Real Time Streaming Protocol" dst_range_end="554" dst_range_start="554" fin_flag="False" fin_flag_mask="False" id="id3D703C99" name="rtsp" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="4321" dst_range_start="4321" fin_flag="False" fin_flag_mask="False" id="id3B4FEF34" name="rwhois" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="5510" dst_range_start="5510" fin_flag="False" fin_flag_mask="False" id="id3D703C89" name="securidprop" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="25" dst_range_start="25" fin_flag="False" fin_flag_mask="False" id="tcp-SMTP" name="smtp" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="465" dst_range_start="465" fin_flag="False" fin_flag_mask="False" id="id3B4FF04C" name="smtps" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="1080" dst_range_start="1080" fin_flag="False" fin_flag_mask="False" id="id3B4FEE76" name="socks" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="1521" dst_range_start="1521" fin_flag="False" fin_flag_mask="False" id="id3D703C87" name="sqlnet1" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="3128" dst_range_start="3128" fin_flag="False" fin_flag_mask="False" id="id3B4FF09A" name="squid" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="22" dst_range_start="22" fin_flag="False" fin_flag_mask="False" id="tcp-SSH" name="ssh" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="111" dst_range_start="111" fin_flag="False" fin_flag_mask="False" id="id3AEDBE00" name="sunrpc" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="True" comment="" dst_range_end="0" dst_range_start="0" fin_flag="False" fin_flag_mask="True" id="tcp-TCP-SYN" name="tcp-syn" psh_flag="False" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" src_range_end="0" src_range_start="0" syn_flag="True" syn_flag_mask="True" urg_flag="False" urg_flag_mask="True"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="23" dst_range_start="23" fin_flag="False" fin_flag_mask="False" id="tcp-Telnet" name="telnet" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="540" dst_range_start="540" fin_flag="False" fin_flag_mask="False" id="tcp-uucp" name="uucp" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="Windows Terminal Services" dst_range_end="3389" dst_range_start="3389" fin_flag="False" fin_flag_mask="False" id="id3CB131C6" name="winterm" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="False" ack_flag_mask="False" comment="" dst_range_end="7100" dst_range_start="7100" fin_flag="False" fin_flag_mask="False" id="id3B4FF1B8" name="xfs" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" src_range_end="0" src_range_start="0" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False"/>
<TCPService ack_flag="True" ack_flag_mask="True" comment="" dst_range_end="0" dst_range_start="0" fin_flag="True" fin_flag_mask="True" id="id3C685B2B" name="xmas scan" psh_flag="True" psh_flag_mask="True" rst_flag="True" rst_flag_mask="True" src_range_end="0" src_range_start="0" syn_flag="True" syn_flag_mask="True" urg_flag="True" urg_flag_mask="True"/>
</ServiceGroup>
<ServiceGroup id="stdid08" name="UDP">
<UDPService comment="ipchains used to use this port range for masqueraded packets" dst_range_end="0" dst_range_start="0" id="udp-ALL_UDP_Masqueraded" name="ALL UDP Masqueraded" src_range_end="65095" src_range_start="61000"/>
<UDPService comment="" dst_range_end="0" dst_range_start="0" id="udp-All_UDP" name="All UDP" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="4000" dst_range_start="4000" id="id3D703C96" name="ICQ" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="500" dst_range_start="500" id="id3CB129D2" name="IKE" src_range_end="0" src_range_start="0"/>
<UDPService comment="status channel for PCAnywhere v7.52 and later" dst_range_end="5632" dst_range_start="5632" id="id3CB131CA" name="PCAnywhere-status" src_range_end="0" src_range_start="0"/>
<UDPService comment="routing protocol RIP" dst_range_end="520" dst_range_start="520" id="id3AED0D6B" name="RIP" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="1645" dst_range_start="1645" id="id3D703C8C" name="Radius" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="65535" dst_range_start="1024" id="id3D703C85" name="UDP high ports" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="513" dst_range_start="513" id="id3D703C86" name="Who" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="7009" dst_range_start="7000" id="id3B4FEDA1" name="afs" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="68" dst_range_start="68" id="udp-bootpc" name="bootpc" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="67" dst_range_start="67" id="udp-bootps" name="bootps" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="13" dst_range_start="13" id="id3AEDBE70" name="daytime" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="53" dst_range_start="53" id="udp-DNS" name="domain" src_range_end="0" src_range_start="0"/>
<UDPService comment="VocalTec Internet Phone" dst_range_end="22555" dst_range_start="22555" id="id3D703C8A" name="interphone" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="88" dst_range_start="88" id="id3B4FEDA5" name="kerberos" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="750" dst_range_start="749" id="id3B4FEDA9" name="kerberos-adm" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="464" dst_range_start="464" id="id3B4FEDA7" name="kpasswd" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="4444" dst_range_start="4444" id="id3B4FEDAB" name="krb524" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="135" dst_range_start="135" id="id3F865B0D" name="microsoft-rpc" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="138" dst_range_start="138" id="udp-netbios-dgm" name="netbios-dgm" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="137" dst_range_start="137" id="udp-netbios-ns" name="netbios-ns" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="139" dst_range_start="139" id="udp-netbios-ssn" name="netbios-ssn" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="2049" dst_range_start="2049" id="id3B4FEE78" name="nfs" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="123" dst_range_start="123" id="udp-ntp" name="ntp" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="26000" dst_range_start="26000" id="id3B4FEF7E" name="quake" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="1024" dst_range_start="1024" id="id3D703C88" name="secureid-udp" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="161" dst_range_start="161" id="udp-SNMP" name="snmp" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="162" dst_range_start="162" id="id3AED0D69" name="snmp-trap" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="111" dst_range_start="111" id="id3AEDBE19" name="sunrpc" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="514" dst_range_start="514" id="id3AECF780" name="syslog" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="69" dst_range_start="69" id="id3AED0D67" name="tftp" src_range_end="0" src_range_start="0"/>
<UDPService comment="" dst_range_end="33524" dst_range_start="33434" id="id3AED0D8C" name="traceroute" src_range_end="0" src_range_start="0"/>
</ServiceGroup>
<ServiceGroup id="stdid13" name="Custom">
<CustomService comment="works in iptables and requires patch-o-matic. For more information look for patch-o-matic on http://www.netfilter.org/" id="id3B64EEA8" name="rpc"/>
<CustomService comment="IRC connection tracker, supports DCC. Works on iptables and requires patch-o-matic. For more information look for patch-o-matic on http://www.netfilter.org/ " id="id3B64EF4E" name="irc-conn"/>
<CustomService comment="Port scan detector, works only on iptables and requires patch-o-matic For more information look for patch-o-matic on http://www.netfilter.org/" id="id3B64EF50" name="psd"/>
<CustomService comment="Matches a string in a whole packet, works in iptables and requires patch-o-matic. For more information look for patch-o-matic on http://www.netfilter.org/" id="id3B64EF52" name="string"/>
<CustomService comment="Talk protocol support. Works in iptables and requires patch-o-matic. For more information look for patch-o-matic on http://www.netfilter.org/" id="id3B64EF54" name="talk"/>
</ServiceGroup>
</ServiceGroup>
<ObjectGroup id="stdid12" name="Firewalls"/>
<IntervalGroup id="stdid11" name="Time">
<Interval comment="any day, 9:00am through 5:00pm" from_day="-1" from_hour="9" from_minute="0" from_month="-1" from_weekday="1" from_year="-1" id="int-workhours" name="workhours" to_day="-1" to_hour="17" to_minute="0" to_month="-1" to_weekday="5" to_year="-1"/>
<Interval comment="weekends: Saturday 0:00 through Sunday 23:59 " from_day="-1" from_hour="0" from_minute="0" from_month="-1" from_weekday="7" from_year="-1" id="int-weekends" name="weekends" to_day="-1" to_hour="23" to_minute="59" to_month="-1" to_weekday="1" to_year="-1"/>
<Interval comment="any day 6:00pm - 12:00am" from_day="-1" from_hour="18" from_minute="0" from_month="-1" from_weekday="-1" from_year="-1" id="int-afterhours" name="afterhours" to_day="-1" to_hour="23" to_minute="59" to_month="-1" to_weekday="-1" to_year="-1"/>
<Interval comment="" from_day="-1" from_hour="0" from_minute="0" from_month="-1" from_weekday="6" from_year="-1" id="id3C63479C" name="Sat" to_day="-1" to_hour="23" to_minute="59" to_month="-1" to_weekday="6" to_year="-1"/>
<Interval comment="" from_day="-1" from_hour="0" from_minute="0" from_month="-1" from_weekday="0" from_year="-1" id="id3C63479E" name="Sun" to_day="-1" to_hour="23" to_minute="59" to_month="-1" to_weekday="0" to_year="-1"/>
</IntervalGroup>
</Library>
<Library id="syslib001" name="User" comment="User defined objects" color="#d2ffd0">
<ObjectGroup id="stdid01_1" name="Objects">
<ObjectGroup id="stdid16_1" name="Addresses"/>
<ObjectGroup id="stdid04_1" name="Groups"/>
<ObjectGroup id="stdid02_1" name="Hosts"/>
<ObjectGroup id="stdid03_1" name="Networks"/>
<ObjectGroup id="stdid15_1" name="Address Ranges"/>
</ObjectGroup>
<ServiceGroup id="stdid05_1" name="Services">
<ServiceGroup id="stdid10_1" name="Groups"/>
<ServiceGroup id="stdid07_1" name="ICMP"/>
<ServiceGroup id="stdid06_1" name="IP"/>
<ServiceGroup id="stdid09_1" name="TCP"/>
<ServiceGroup id="stdid08_1" name="UDP"/>
<ServiceGroup id="stdid13_1" name="Custom"/>
</ServiceGroup>
<ObjectGroup id="stdid12_1" name="Firewalls"/>
<IntervalGroup id="stdid11_1" name="Time"/>
</Library>
</FWObjectDatabase>