fw alg¶
Configure ALG
alg Specification¶
Parameter Value Type Configuration Resource Element Name alg Element URI /axapi/v3/fw/alg Element Attributes alg_attributes Partition Visibility shared Schema alg schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
| Create Object | POST | /axapi/v3/fw/alg | ||
| Get Object | GET | /axapi/v3/fw/alg | ||
| Modify Object | POST | /axapi/v3/fw/alg | ||
| Replace Object | PUT | /axapi/v3/fw/alg | ||
| Delete Object | DELETE | /axapi/v3/fw/alg | ||
alg attributes¶
dns
Description: dns is a JSON Block. Please see below for dns
Type: Object
Reference Object: /axapi/v3/fw/alg/dns
esp
Description: esp is a JSON Block. Please see below for esp
Type: Object
Reference Object: /axapi/v3/fw/alg/esp
ftp
Description: ftp is a JSON Block. Please see below for ftp
Type: Object
Reference Object: /axapi/v3/fw/alg/ftp
icmp
Description: icmp is a JSON Block. Please see below for icmp
Type: Object
Reference Object: /axapi/v3/fw/alg/icmp
pptp
Description: pptp is a JSON Block. Please see below for pptp
Type: Object
Reference Object: /axapi/v3/fw/alg/pptp
rtsp
Description: rtsp is a JSON Block. Please see below for rtsp
Type: Object
Reference Object: /axapi/v3/fw/alg/rtsp
sctp
Description: sctp is a JSON Block. Please see below for sctp
Type: Object
Reference Object: /axapi/v3/fw/alg/sctp
sip
Description: sip is a JSON Block. Please see below for sip
Type: Object
Reference Object: /axapi/v3/fw/alg/sip
tftp
Description: tftp is a JSON Block. Please see below for tftp
Type: Object
Reference Object: /axapi/v3/fw/alg/tftp
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
ftp¶
Specification Value Type object default-port-disable
Description ‘default-port-disable’: Disable FTP ALG default port 21;
Type: string
Supported Values: default-port-disable
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
ftp_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘client-port-request’: PORT Requests From Client; ‘client-eprt-request’: EPRT Requests From Client; ‘server-pasv-reply’: PASV Replies From Server; ‘server-epsv-reply’: EPSV Replies From Server; ‘port-retransmits’: PORT Retransmits; ‘pasv-retransmits’: PASV Retransmits; ‘smp-app-type-mismatch’: SMP App Type Mismatch; ‘retransmit-sanity-check-failure’: Retransmit Sanity Check Failure; ‘smp-conn-alloc-failure’: SMP Helper Conn Alloc Failure; ‘port-helper-created’: PORT Helper Created; ‘pasv-helper-created’: PASV Helper Created; ‘port-helper-acquire-in-del-q’: PORT Helper Acquire In Del Queue; ‘port-helper-acquire-already-used’: PORT Helper Acquire Already Used; ‘pasv-helper-acquire-in-del-q’: PASV Helper Acquire In Del Queue; ‘pasv-helper-acquire-already-used’: PASV Helper Acquire Already Used; ‘port-helper-freed-used’: PORT Helper Freed Used; ‘port-helper-freed-unused’: PORT Helper Freed Unused; ‘pasv-helper-freed-used’: PASV Helper Freed Used; ‘pasv-helper-freed-unused’: PASV Helper Freed Unused;
Type: string
Supported Values: all, client-port-request, client-eprt-request, server-pasv-reply, server-epsv-reply, port-retransmits, pasv-retransmits, smp-app-type-mismatch, retransmit-sanity-check-failure, smp-conn-alloc-failure, port-helper-created, pasv-helper-created, port-helper-acquire-in-del-q, port-helper-acquire-already-used, pasv-helper-acquire-in-del-q, pasv-helper-acquire-already-used, port-helper-freed-used, port-helper-freed-unused, pasv-helper-freed-used, pasv-helper-freed-unused
sip¶
Specification Value Type object default-port-disable
Description ‘default-port-disable’: Disable SIP ALG default port 5060;
Type: string
Supported Values: default-port-disable
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sip_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘stat-request’: Request Received; ‘stat-response’: Response Received; ‘method-register’: Method REGISTER; ‘method-invite’: Method INVITE; ‘method-ack’: Method ACK; ‘method-cancel’: Method CANCEL; ‘method-bye’: Method BYE; ‘method-options’: Method OPTIONS; ‘method-prack’: Method PRACK; ‘method-subscribe’: Method SUBSCRIBE; ‘method-notify’: Method NOTIFY; ‘method-publish’: Method PUBLISH; ‘method-info’: Method INFO; ‘method-refer’: Method REFER; ‘method-message’: Method MESSAGE; ‘method-update’: Method UPDATE; ‘method-unknown’: Method Unknown; ‘parse-error’: Message Parse Error; ‘keep-alive’: Keep Alive; ‘contact-error’: Contact Process Error; ‘sdp-error’: SDP Process Error; ‘rtp-port-no-op’: RTP Port No Op; ‘rtp-rtcp-port-success’: RTP RTCP Port Success; ‘rtp-port-failure’: RTP Port Failure; ‘rtcp-port-failure’: RTCP Port Failure; ‘contact-port-no-op’: Contact Port No Op; ‘contact-port-success’: Contact Port Success; ‘contact-port-failure’: Contact Port Failure; ‘contact-new’: Contact Alloc; ‘contact-alloc-failure’: Contact Alloc Failure; ‘contact-eim’: Contact EIM; ‘contact-eim-set’: Contact EIM Set; ‘rtp-new’: RTP Alloc; ‘rtp-alloc-failure’: RTP Alloc Failure; ‘rtp-eim’: RTP EIM; ‘helper-found’: SMP Helper Conn Found; ‘helper-created’: SMP Helper Conn Created; ‘helper-deleted’: SMP Helper Conn Already Deleted; ‘helper-freed’: SMP Helper Conn Freed; ‘helper-failure’: SMP Helper Failure;
Type: string
Supported Values: all, stat-request, stat-response, method-register, method-invite, method-ack, method-cancel, method-bye, method-options, method-prack, method-subscribe, method-notify, method-publish, method-info, method-refer, method-message, method-update, method-unknown, parse-error, keep-alive, contact-error, sdp-error, rtp-port-no-op, rtp-rtcp-port-success, rtp-port-failure, rtcp-port-failure, contact-port-no-op, contact-port-success, contact-port-failure, contact-new, contact-alloc-failure, contact-eim, contact-eim-set, rtp-new, rtp-alloc-failure, rtp-eim, helper-found, helper-created, helper-deleted, helper-freed, helper-failure
esp¶
Specification Value Type object default-port-disable
Description ‘default-port-disable’: Disable ESP ALG default port 500;
Type: string
Supported Values: default-port-disable
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
esp_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘session-created’: ESP Sessions Created; ‘helper-created’: ESP Helper Sessions Created; ‘helper-freed’: ESP Helper Sessions Freed; ‘helper-freed-used’: ESP Helper Sessions freed used; ‘helper-freed-unused’: ESP Helper Sessions freed unused; ‘helper-already-used’: ESP Helper Session already used; ‘helper-in-rml’: ESP Helper Session in Remove List;
Type: string
Supported Values: all, session-created, helper-created, helper-freed, helper-freed-used, helper-freed-unused, helper-already-used, helper-in-rml
pptp¶
Specification Value Type object default-port-disable
Description ‘default-port-disable’: Disable PPTP ALG default port 1723;
Type: string
Supported Values: default-port-disable
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
pptp_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘calls-established’: Calls Established; ‘call-req-pns-call-id-mismatch’: Call ID Mismatch on Call Request; ‘call-reply-pns-call-id-mismatch’: Call ID Mismatch on Call Reply; ‘gre-session-created’: GRE Session Created; ‘gre-session-freed’: GRE Session Freed; ‘call-req-retransmit’: Call Request Retransmit; ‘call-req-new’: Call Request New; ‘call-req-ext-alloc-failure’: Call Request Ext Alloc Failure; ‘call-reply-call-id-unknown’: Call Reply Unknown Client Call ID; ‘call-reply-retransmit’: Call Reply Retransmit; ‘call-reply-ext-ext-alloc-failure’: Call Request Ext Alloc Failure; ‘smp-app-type-mismatch’: SMP App Type Mismatch; ‘smp-client-call-id-mismatch’: SMP Client Call ID Mismatch; ‘smp-sessions-created’: SMP Session Created; ‘smp-sessions-freed’: SMP Session Freed; ‘smp-alloc-failure’: SMP Session Alloc Failure; ‘gre-conn-creation-failure’: GRE Conn Alloc Failure; ‘gre-conn-ext-creation-failure’: GRE Conn Ext Alloc Failure; ‘gre-no-fwd-route’: GRE No Fwd Route; ‘gre-no-rev-route’: GRE No Rev Route; ‘gre-no-control-conn’: GRE No Control Conn; ‘gre-conn-already-exists’: GRE Conn Already Exists; ‘gre-free-no-ext’: GRE Free No Ext; ‘gre-free-no-smp’: GRE Free No SMP; ‘gre-free-smp-app-type-mismatch’: GRE Free SMP App Type Mismatch; ‘control-freed’: Control Session Freed; ‘control-free-no-ext’: Control Free No Ext; ‘control-free-no-smp’: Control Free No SMP; ‘control-free-smp-app-type-mismatch’: Control Free SMP App Type Mismatch;
Type: string
Supported Values: all, calls-established, call-req-pns-call-id-mismatch, call-reply-pns-call-id-mismatch, gre-session-created, gre-session-freed, call-req-retransmit, call-req-new, call-req-ext-alloc-failure, call-reply-call-id-unknown, call-reply-retransmit, call-reply-ext-ext-alloc-failure, smp-app-type-mismatch, smp-client-call-id-mismatch, smp-sessions-created, smp-sessions-freed, smp-alloc-failure, gre-conn-creation-failure, gre-conn-ext-creation-failure, gre-no-fwd-route, gre-no-rev-route, gre-no-control-conn, gre-conn-already-exists, gre-free-no-ext, gre-free-no-smp, gre-free-smp-app-type-mismatch, control-freed, control-free-no-ext, control-free-no-smp, control-free-smp-app-type-mismatch
rtsp¶
Specification Value Type object default-port-disable
Description ‘default-port-disable’: Disable RTSP ALG default port 554;
Type: string
Supported Values: default-port-disable
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
rtsp_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘transport-inserted’: Transport Created; ‘transport-freed’: Transport Freed; ‘transport-alloc-failure’: Transport Alloc Failure; ‘data-session-created’: Data Session Created; ‘data-session-freed’: Data Session Freed; ‘ext-creation-failure’: Extension Creation Failure; ‘transport-add-to-ext’: Transport Added to Extension; ‘transport-removed-from-ext’: Transport Removed from Extension; ‘transport-too-many’: Too Many Transports for Control Conn; ‘transport-already-in-ext’: Transport Already in Extension; ‘transport-exists’: Transport Already Exists; ‘transport-link-ext-failure-control’: Transport Link to Extension Failure Control; ‘transport-link-ext-data’: Transport Link to Extension Data; ‘transport-link-ext-failure-data’: Transport Link to Extension Failure Data; ‘transport-inserted-shadow’: Transport Inserted Shadow; ‘transport-creation-race’: Transport Create Race; ‘transport-alloc-failure-shadow’: Transport Alloc Failure Shadow; ‘transport-put-in-del-q’: Transport Put in Delete Queue; ‘transport-freed-shadow’: Transport Freed Shadow; ‘transport-acquired-from-control’: Transport Acquired Control; ‘transport-found-from-prev-control’: Transport Found From Prev Control; ‘transport-acquire-failure-from-control’: Transport Acquire Failure Control; ‘transport-released-from-control’: Transport Released Control; ‘transport-double-release-from-control’: Transport Double Release Control; ‘transport-acquired-from-data’: Transport Acquired Data; ‘transport-acquire-failure-from-data’: Transport Acquire Failure Data; ‘transport-released-from-data’: Transport Released Data; ‘transport-double-release-from-data’: Transport Double Release Data; ‘transport-retry-lookup-on-data-free’: Transport Retry Lookup Data; ‘transport-not-found-on-data-free’: Transport Not Found Data; ‘data-session-created-shadow’: Data Session Created Shadow; ‘data-session-freed-shadow’: Data Session Freed Shadow; ‘ha-control-ext-creation-failure’: HA Control Extension Creation Failure; ‘ha-control-session-created’: HA Control Session Created; ‘ha-data-session-created’: HA Data Session Created;
Type: string
Supported Values: all, transport-inserted, transport-freed, transport-alloc-failure, data-session-created, data-session-freed, ext-creation-failure, transport-add-to-ext, transport-removed-from-ext, transport-too-many, transport-already-in-ext, transport-exists, transport-link-ext-failure-control, transport-link-ext-data, transport-link-ext-failure-data, transport-inserted-shadow, transport-creation-race, transport-alloc-failure-shadow, transport-put-in-del-q, transport-freed-shadow, transport-acquired-from-control, transport-found-from-prev-control, transport-acquire-failure-from-control, transport-released-from-control, transport-double-release-from-control, transport-acquired-from-data, transport-acquire-failure-from-data, transport-released-from-data, transport-double-release-from-data, transport-retry-lookup-on-data-free, transport-not-found-on-data-free, data-session-created-shadow, data-session-freed-shadow, ha-control-ext-creation-failure, ha-control-session-created, ha-data-session-created
dns¶
Specification Value Type object default-port-disable
Description ‘default-port-disable’: Disable DNS ALG default port 53;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tftp¶
Specification Value Type object default-port-disable
Description ‘default-port-disable’: Disable TFTP ALG default port 69;
Type: string
Supported Values: default-port-disable
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tftp_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘session-created’: TFTP Client Sessions Created; ‘helper-created’: TFTP Helper Sessions created; ‘helper-freed’: TFTP Helper Sessions freed; ‘helper-freed-used’: TFTP Helper Sessions freed used; ‘helper-freed-unused’: TFTP Helper Sessions freed unused; ‘helper-already-used’: TFTP Helper Session already used; ‘helper-in-rml’: TFTP Helper Session in Remove List;
Type: string
Supported Values: all, session-created, helper-created, helper-freed, helper-freed-used, helper-freed-unused, helper-already-used, helper-in-rml
icmp¶
Specification Value Type object disable
Description ‘disable’: Disable ICMP ALG which allows ICMP errors to pass the firewall;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sctp¶
Specification Value Type object action
Description ‘disable’: disable; ‘enable’: enable;
Type: string
Supported Values: disable, enable
Default: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters