File: services

package info (click to toggle)
uif 1.1.9-2
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, sid
  • size: 520 kB
  • sloc: perl: 1,991; sh: 324; makefile: 37
file content (101 lines) | stat: -rw-r--r-- 2,736 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
## UIF 1.0 sample services file
#  (C) 2002-2015, Cajus Pollmeier <pollmeier@gonicus.de>
#  (C) 2002-2015, Jörg Platte <jplatte@gmx.net>
#  (C) 2013-2015, Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
#  (C) 2013-2015, Alex Owen <r.alex.owen@gmail.com>

service {
	# ICMP & Routing
	traceroute	udp(32769:65535/33434:33523)

	# ICMP protocol: IPv4 and IPv6 ICMP types
	ping			icmp(echo-request) ipv6-icmp(echo-request)
	pong			icmp(echo-reply) ipv6-icmp(echo-reply)
	noroute			icmp(destination-unreachable) ipv6-icmp(destination-unreachable)
	router-advertisement	icmp(router-advertisement) ipv6-icmp(router-advertisement)
	router-solicitation	icmp(router-solicitation) ipv6-icmp(router-solicitation)

	# ICMP protocol: IPv4-only ICMP types
	host-unreachable	icmp(host-unreachable)
	ttl-exceeded		icmp(ttl-exceeded)
	source-quench		icmp(source-quench)

	# ICMP protocol: IPv6-only ICMP types
	packet-too-big		ipv6-icmp(packet-too-big)
	time-exceeded		ipv6-icmp(time-exceeded)
	parameter-problem	ipv6-icmp(parameter-problem)
	neighbor-advertisement	ipv6-icmp(neighbor-advertisement)
	neighbor-solicitation	ipv6-icmp(neighbor-solicitation)

	# Most common services you may want to filter
	ftp		tcp(/21)
	ssh		tcp(/22)
	telnet		tcp(/23)
	smtp		tcp(/25)
	whois		tcp(/43)
	dns		tcp(/53) udp(/53)
	bootp		tcp(68/67) udp(68/67)
	http		tcp(/80)
	kerberos5	tcp(/88)
	pop3		tcp(/110)
	sunrpc		udp(/111) tcp(/111)
	ident		tcp(/113)
	ntp		udp(/123)
	nntp		tcp(/119)
        smb             tcp(/137:139) udp(/137:139) tcp(/445) udp(/445)
	imap		tcp(/143)
	xdmcp		udp(/177)
	ldap		tcp(/389)
	https		tcp(/443)
	ssmtp		tcp(/465)
	syslog		udp(/514)
	route		udp(/520) icmp(9)
	uucp		tcp(/540)
	real		tcp(/554)
        ipp             tcp(/631) udp(/631)
	mount		udp(/635)
	ldaps		tcp(/636)
	kerberos4	tcp(/750)
	kerberos-master tcp(/751)
	passwd-server   tcp(/752)
	krb-prop	tcp(/754)
	krbupdate	tcp(/760)
	swat		tcp(/901)
	imaps		tcp(/993)
	pop3s		tcp(/995)
	openvpn		udp(/1194) tcp(/1194)
	nfs		udp(/2049) tcp(/2049)
	cvspserver	tcp(/2401)
	squid		tcp(/3128)
	mysql		tcp(/3306)
	rdp		tcp(/3389)
	munin		tcp(/4949)
	cfengine	tcp(/5308)
	xmpp-client	tcp(/5222) udp(/5222)
	xmpp-server	tcp(/5223) udp(/5223)
	icinga2         tcp(/5665)
	vnc-support	tcp(/5500:5509)
	x11		tcp(/6000:6063)
	proxy		tcp(/8080)
	puppet		tcp(/8140)
	webmin		tcp(/10000)
	dhis		udp(/58800)

        # ipsec
	ipsec           esp(/) udp(/500)

	# some proprietary protocols
	arkeia		tcp(/617)
	pcanywhere	udp(/5632) tcp(/5631)
        msterminal	tcp(/3389) udp(/3389)

	# some protocols
	igmp		igmp()
	pim		pim()
	tcp		tcp(0:65535/0:65535)
	udp		udp(0:65535/0:65535)

	# some useful definitions
	lowports	udp(/1:1023) tcp(/1:1023)
	highports	udp(/1024:65535) tcp(/1024:65535)
}