266. SuSEFirewallServices

Definition of Supported Firewall Services and Port Aliases.

266.1. Summary of Module Globals

List of Global Functions

GetFilenameFromServiceDefinedByPackage - Creates a file name from service name defined by package. Service MUST be defined by package, otherwise it returns 'nil'.
GetListOfServicesAddedByPackage - Returns list of service-ids defined by packages.
GetModified - Returns whether configuration was modified
GetNeededBroadcastPorts - Function returns needed ports allowing broadcast
GetNeededIPProtocols - Function returns needed IP protocols for service
GetNeededPortsAndProtocols - Function returns needed ports and protocols for service. Function cares about if the service is defined or not.
GetNeededRPCPorts - Function returns needed RPC ports for service
GetNeededTCPPorts - Function returns needed TCP ports for service
GetNeededUDPPorts - Function returns needed UDP ports for service
GetPossiblyConflictServices - Function returns list of possibly conflicting services. Conflicting services are for instance nis-client and nis-server.
GetSupportedServices - Function returns the map of supported (known) services.
IsKnownService - Function returns if the service_id is a known (defined) service
ReadServicesDefinedByRPMPackages - Reads definition of services that can be used in FW_CONFIGURATIONS_[EXT|INT|DMZ] in SuSEfirewall2.
ResetModified - Sets that configuration was not modified
ServiceDefinedByPackage - Returns whether the service ID is defined by package.
SetModified - Sets that configuration was modified
SetNeededPortsAndProtocols - Immediately writes the configuration of service defined by package to the service definition file. Service must be defined by package, this function doesn't work for hard-coded services (SuSEFirewallServices).

List of Global Variables

266.2. Global Functions

266.2.1. GetFilenameFromServiceDefinedByPackage

Creates a file name from service name defined by package. Service MUST be defined by package, otherwise it returns 'nil'.

Function parameters

string service

Return value

string - file name (e.g., 'abc')

Example 127.

	GetFilenameFromServiceDefinedByPackage ("service:abc") -> "abc"
	GetFilenameFromServiceDefinedByPackage ("abc") -> nil

266.2.2. GetListOfServicesAddedByPackage

Returns list of service-ids defined by packages.

Return value

list <string> - service ids

266.2.3. GetModified

Returns whether configuration was modified

Return value

boolean - modified

266.2.4. GetNeededBroadcastPorts

Function returns needed ports allowing broadcast

Function parameters

string service

Return value

list <string> - [string] of needed broadcast ports

266.2.5. GetNeededIPProtocols

Function returns needed IP protocols for service

Function parameters

string service

Return value

list <string> - [string] of needed IP protocols

266.2.6. GetNeededPortsAndProtocols

Function returns needed ports and protocols for service. Function cares about if the service is defined or not.

Function parameters

string service

Return value

map <string, list <string> > - of needed ports and protocols

Example 128.

	GetNeededPortsAndProtocols ("service:aaa") -> $[
		"tcp_ports"       : [ "122", "ftp-data" ],
		"udp_ports"       : [ "427" ],
		"rpc_ports"       : [ "portmap", "ypbind" ],
		"ip_protocols"    : [],
		"broadcast_ports" : [ "427" ],
	];

266.2.7. GetNeededRPCPorts

Function returns needed RPC ports for service

Function parameters

string service

Return value

list <string> - [string] of needed RPC ports

266.2.8. GetNeededTCPPorts

Function returns needed TCP ports for service

Function parameters

string service

Return value

list <string> - [string] of needed TCP ports

266.2.9. GetNeededUDPPorts

Function returns needed UDP ports for service

Function parameters

string service

Return value

list <string> - [string] of needed UDP ports

266.2.10. GetPossiblyConflictServices

Function returns list of possibly conflicting services. Conflicting services are for instance nis-client and nis-server.

Return value

list <string> - of conflicting services

266.2.11. GetSupportedServices

Function returns the map of supported (known) services.

Return value

map <string, string> - $[service_id : localized_service_name]

	$[
	  "dns-server" : "DNS Server",
    "vnc" : "Remote Administration",
  ]

266.2.12. IsKnownService

Function returns if the service_id is a known (defined) service

Function parameters

string service_id

Return value

boolean - if is known (defined)

266.2.13. ReadServicesDefinedByRPMPackages

Reads definition of services that can be used in FW_CONFIGURATIONS_[EXT|INT|DMZ] in SuSEfirewall2.

Return value

boolean

266.2.14. ResetModified

Sets that configuration was not modified

Return value

void

266.2.15. ServiceDefinedByPackage

Returns whether the service ID is defined by package.

Function parameters

string service

Return value

boolean

Example 129.

	ServiceDefinedByPackage ("http-server") -> false
	ServiceDefinedByPackage ("service:http-server") -> true

266.2.16. SetModified

Sets that configuration was modified

Return value

void

266.2.17. SetNeededPortsAndProtocols

Immediately writes the configuration of service defined by package to the service definition file. Service must be defined by package, this function doesn't work for hard-coded services (SuSEFirewallServices).

Function parameters

string service
map <string, list <string> > store_definition

Return value

boolean

Example 130.

	SetNeededPortsAndProtocols (
		"service:something",
		$[
			"tcp_ports"       : [ "22", "ftp-data", "400:420" ],
			"udp_ports"       : [ ],
			"rpc_ports"       : [ "portmap", "ypbind" ],
			"ip_protocols"    : [ "esp" ],
			"broadcast_ports" : [ ],
		]
	);