- DL manuals
- Watchguard
- Network Router
- Firebox X10E
- Reference Manual
Watchguard Firebox X10E Reference Manual
Summary of Firebox X10E
Page 1
Reference guide firebox x core/peak e-series with watchguard system manager/fireware v10.0 firebox x edge e-series v10.0 revised: 2/1/2008.
Page 2
Ii watchguard system manager address 505 fifth avenue south suite 500 seattle, wa 98104 support www.Watchguard.Com/support u.S. And canada +877.232.3531 all other countries +1.206.521.3575 sales u.S. And canada +1.800.734.9905 all other countries +1.206.613.0895 about watchguard since 1996, watchgua...
Page 3: Contents
Reference guide iii contents chapter 1 internet protocol reference ........................................................................1 internet protocol header ...............................................................................2 ip header number list ..................................
Page 4
Iv watchguard system manager chapter 5 types of policies in fireware ......................................................................39 packet filter policies ..................................................................................39 any .................................................
Page 5
Reference guide v radius-accounting and radius-acct-rfc .......................................................51 rdp .......................................................................................................51 rip ...........................................................................
Page 6
Vi watchguard system manager proxy policies.............................................................................................60 dns-proxy ...............................................................................................60 ftp-proxy ..............................................
Page 7
Reference guide vii chapter 7 copyright, patent, trademark, and licensing information ........................75 copyright information .................................................................................75 patents ............................................................................
Page 8
Viii watchguard system manager openvpn ..............................................................................................128 ossp_mm ..............................................................................................129 pcre .......................................................
Page 9: Internet Protocol Reference
Reference guide 1 1 internet protocol reference internet protocol (ip) sets the format of packets and the address pattern for sending data through the internet. It operates as a postal system, and allows you to address a package and drop it into the system. But, there is no direct link between you a...
Page 10: Internet Protocol Header
2 watchguard system manager internet protocol header internet protocol (ip) is an internet standard that enables the sending of datagrams — packets of information that include an address and instructions on how to send the datagram to its destination. Ip prepends a header to each datagram. The ip he...
Page 11
Reference guide 3 ip header number list the ip protocol header contains an 8-bit field that identifies the protocol for the transport layer for the datagram. Keyword number protocol 0 reserved icmp 1 internet control message igmp 2 internet group management ggp 3 gateway-to-gateway ip 4 ip-within-ip...
Page 12
4 watchguard system manager xtp 36 xtp ddp 37 datagram delivery protocol idpr-cmtp 38 idpr control message transport protocol tp++ 39 tp++ transport protocol il 40 il transport protocol sip 41 simple internet protocol sdrp 42 source demand routing protocol sip-sr 43 sip source route sip-frag 44 sip ...
Page 13
Reference guide 5 iso-ip 80 iso internet protocol vmtp 81 vmtp secure-vmtp 82 secure-vmtp vines 83 vines ttp 84 ttp nsfnet-igp 85 nsfnet-igp dgp 86 dissimilar gateway protocol tcf 87 tcf igrp 88 igrp ospfigp 89 ospfigp sprite-rpc 90 sprite rpc protocol larp 91 locus address resolution protocol mtp 9...
Page 14: Internet Protocol Options
Transfer protocols 6 watchguard system manager internet protocol options internet protocol (ip) options are additions to the standard ip header that can be of different lengths. Enabling ip options can be dangerous . Hackers can use them to create routing that helps them get access to your network. ...
Page 15
Reference guide 7 transfer protocols • gives abstraction of ports. A connection is made of its source and destination ports and its source and destination ip addresses. In typical use, port numbers less than 1024 are saved for well-known services (destinations). The client side can use ports higher ...
Page 16
Transfer protocols 8 watchguard system manager standard ports and random ports udp and tcp use encapsulation of information contained in the application layer. The software application procedures are specified by source ad destination port numbers. These port numbers, together with the source and de...
Page 17: Mime Content Types
Reference guide 9 2 mime content types software applications use content type headers to identify the type of data they receive. Content type headers tell the software application how to correctly identify and display video clips, images, sound, or other data. Usually, people are most familiar with ...
Page 18
10 watchguard system manager application hyperstudio domino application iges parks application mac-binhex40 falstrom application macwriteii lindner application marc rfc 2220 application mathematica van nostern application ms-excel application mspowerpoint application msword lindner application news-...
Page 19
Reference guide 11 application vnd.Acucobol lubin application vnd.Anser-web-certificate-issue-initiation mori application vnd.Answer-web-funds-transfer-initiation mori application vnd.Audiograph slusanschi application vnd.Businessobjects imoucha application vnd.Claymore simpson application vnd.Comme...
Page 20
12 watchguard system manager application vnd.Intertrust.Digibox tomasello application vnd.Intertrust.Nncp tomasello application vnd.Intu-qbo scratchley application vnd.Is-xpr natarajan application vnd.Japannet-directory-service fujii application vnd.Japannet-jpnstore-wakeup yoshitake application vnd...
Page 21
Reference guide 13 application vnd.Osa.Netdeploy klos application vnd.Powerbuilder6 guy application vnd.Powerbuilder6-s guy application vnd.Publishare-delta-tree ben-kiki application vnd.Rapid szekely application vnd.Rn-realplayer application vnd.Seemail webb application vnd.Shana.Informed.Formdata ...
Page 22
14 watchguard system manager application x-bcpio application x-chat application x-cpio application x-sch application x-cu-seemee application x-demoshield application x-director application x-dvi application x-framemaker application x-gtar application x-ica application x-installshield application x-j...
Page 23
Reference guide 15 application x-tex application x-texinfo application x-troff application x-troff-man application x-troff-me application x-troff-ms application x-ustar application x-wais-source application x-watchguard-cloaked application x-webbasic application x-wintalk application x-wls applicati...
Page 24
16 watchguard system manager chemical x-isostar chemical x-jcamp-dx chemical x-kinemage chemical x-mdl-molfile chemical x-mdl-rxnfile chemical x-macmolecule chemical x-macromode1-input chemical x-mopac-input chemical x-pdb chemical x-xyz chemical x-vmd drawing * drawing x-dwf graphics * graphics x-i...
Page 25
Reference guide 17 image x-cmx image x-dwg image x-dxf image x-mgx-dsf image x-ms-bmp image x-photo-cd image x-pict image x-png image x-portable-anymap image x-portable-bitmap image x-portable-graymap image x-portable-pixmap image x-rgb image x-svf image x-xbitmap image x-xwindowdump image xpm messa...
Page 26
18 watchguard system manager multipart form-data rfc 2388 multipart header-set crocker multipart mixed rfc 2045, rfc 2046 multipart parallel rfc 2045, rfc 2046 multipart related rfc 2387 multipart report rfc 1982 multipart signed rfc 1847 multipart voice-message rfc 2421, rfc 2423 text * text css rf...
Page 27
Reference guide 19 video x-msvideo video x-sgi-movie workbook * workbook formulaone x-conference x-cooltalk x-form x-openscape x-model x-mesh x-music x-midi x-script x-wfxclient x-world * x-world x-3dmf x-world x-svr x-world x-vream x-world x-vrml x-world x-vrt x-world x-wvr type subtype reference (...
Page 28
20 watchguard system manager.
Page 29: Services and Ports
Reference guide 21 3 services and ports well-known services are a mixture of port number and transport protocol for specified, standard software applications. This chapter contains tables that list service names, port number, protocol, and description. Ports used by wsm and fireware the watchguard f...
Page 30
Ports used by microsoft products 22 watchguard system manager ports used by microsoft products many firebox users want to create policies that specifically allow or block microsoft applications. Here is a list of ports used by some microsoft products. Port # protocol purpose 137, 138 udp browsing 67...
Page 31: Well-Known Services List
Reference guide 23 well-known services list well-known services list in addition to the ports used by services described above, watchguard supplies a list of well-known services. Because software companies regularly add new services, this is not a full list of all possible services. For more informa...
Page 32
Well-known services list 24 watchguard system manager dsp 33 tcp/udp display support protocol time 37 tcp/udp time rap 38 tcp/udp route access protocol rlp 39 tcp/udp resource location protocol graphics 41 tcp/udp graphics nameserver 42 tcp/udp host name server nicname 43 tcp/udp whois mpm-flags 44 ...
Page 33
Reference guide 25 well-known services list hosts2-ns 81 tcp/udp hosts2 name server xfer 82 tcp/udp xfer utility mit-ml-dev 83 tcp/udp mit ml device ctf 84 tcp/udp common trace facility mit-ml-dev 85 tcp/udp mit ml device mfcobol 86 tcp/udp micro focus cobol kerberos 88 tcp/udp kerberos sug-mit-tug ...
Page 34
Well-known services list 26 watchguard system manager cfdptkt 120 tcp/udp cfdptkt erpc 121 tcp/udp encore expedited rpc smakynet 122 tcp/udp smakynet ntp 123 tcp/udp network time protocol ansatrader 124 tcp/udp ansa rex trader locus-map 125 tcp/udp locus pc-interface net map unitary 126 tcp/udp unis...
Page 35
Reference guide 27 well-known services list nextstep 178 tcp/udp nextstep window server bgp 179 tcp/udp border gateway protocol unify 181 tcp/udp unify irc 194 tcp/udp internet relay chat protocol at-rtmp 201 tcp/udp appletalk routing maintenance at-nbp 202 tcp/udp appletalk name binding at-3 203 tc...
Page 36
Well-known services list 28 watchguard system manager uucp-rlogin 541 tcp/udp uucp-rlogin stuart lynne klogin 543 tcp/udp kerberos (v4/v5) kshell 544 tcp/udp krcmd kerberos (v4/v5) dhcpv6-client 546 tcp/udp dhcpv6 client dhcpv6-server 547 tcp/udp dhcpv6 server cybercash 551 tcp/udp cybercash remotef...
Page 37
Reference guide 29 well-known services list nas 8000 tcp/udp ncd network audio server iphone 6670 tcp for connecting to the phone server iphone 22555 udp for audio iphone 25793 tcp for the address server, in 4.X and 5.0 iphone 1490 tcp for the conference engine in 4.X and 5.0 service name port # pro...
Page 38
Well-known services list 30 watchguard system manager.
Page 39: Webblocker Content
Reference guide 31 4 webblocker content watchguard webblocker, together with the http proxy and the https proxy, supplies web site filtering for the content of the web pages your users open in their browsers. Webblocker uses a url database created and controlled by surfcontrol. Searching for blocked...
Page 40: Webblocker Categories
Searching for blocked sites 32 watchguard system manager webblocker categories the webblocker database contains 11 groups of categories with 54 individual categories. A web site is added to a category when the contents of the web site meet the correct criteria. Web sites that give opinion or educati...
Page 41
Reference guide 33 searching for blocked sites tasteless & offensive • offensive or violent language, including through jokes, comics, or satire • excessive use of profanity or obscene gesticulation crime criminal activity advocating, instructing, or giving advice on performing illegal acts, such as...
Page 42
Searching for blocked sites 34 watchguard system manager weapons • online purchasing or ordering information, including lists of prices and dealer locations • any page or site predominantly containing, or providing links to, content related to the sale of guns, weapons, ammunition, or poisonous subs...
Page 43
Reference guide 35 searching for blocked sites sports • team or conference web sites • national, international, college, or professional scores and schedules • sports-related online magazines or newsletters streaming media • streaming media files or events (any live or archived audio or video file) ...
Page 44
Searching for blocked sites 36 watchguard system manager motor vehicles • car reviews, vehicle purchasing or sales tips, parts catalogs • auto trading, photos, discussion of vehicles including motorcycles, boats, cars, trucks, and rvs • journals and magazines on vehicle modification, repair, and cus...
Page 45
Reference guide 37 searching for blocked sites spam urls • urls found in spam, including these topics: - computing - finance & stocks - entertainment - games - health & medicine - humor & novelties - personal & dating - products & services - shopping - travel infrastructure • content delivery networ...
Page 46
Searching for blocked sites 38 watchguard system manager politics • political parties • political debate, canvassing, election information and results • conspiracy theorists & alternative government views that are not hate-based business • general business corporate web sites • international and mul...
Page 47: Packet Filter Policies
User guide 39 5 types of policies in fireware this chapter gives a list of the pre-defined policies included with your firebox management software, their protocols, and their ports. It also gives special information about circumstances that could have an effect on the security of some policies. In t...
Page 48
Packet filter policies 40 watchguard system manager archie archie is a search protocol used to find files on ftp servers. We recommend that you use the available web interfaces to archie. Search the internet to find a current list of archie servers. External hosts can be spoofed . The firebox cannot...
Page 49
User guide 41 packet filter policies clarent-command clarent corporation supplies ip telephone technology to mainstream carriers and service providers. Clarent products allow voice-over-ip between clarent gateways across the internet. This policy gives support to the clarent v3.0 product and later. ...
Page 50
Packet filter policies 42 watchguard system manager cu-seeme cu-seeme is a software application used to do video conferencing through the internet. For cu-seeme to operate through the firebox, you must make sure that you are not on a network that uses outgoing dynamic nat. The cu-seeme protocol make...
Page 51
User guide 43 packet filter policies finger finger is an application protocol used to get information about users on a given host. It is easy for a hacker to use this information against you. We do not recommend that you put finger servers on the trusted interface. Characteristics • internet protoco...
Page 52
Packet filter policies 44 watchguard system manager hbci the home banking computer interface (hbci) is a standard created for bank customers and manufacturers of banking products. Characteristics • internet protocol(s): tcp • port number(s): 3000 http an http packet filter will not apply the http pr...
Page 53
User guide 45 packet filter policies ident the identification protocol (ident) is a protocol used to match tcp connections to a user name. It is used most frequently by large public smtp and ftp servers. It is used for logs, but you cannot trust the information it gives, as attackers can change thei...
Page 54
Packet filter policies 46 watchguard system manager irc internet relay chat (irc) is a system for internet chatting. To use irc you must have an irc client and internet access. The irc client is a software application on your computer that sends and receives messages to and from an irc server. The i...
Page 55
User guide 47 packet filter policies ldap lightweight directory access protocol (ldap) is an open-standard protocol for using online directory services. The protocol operates with internet transport protocols, such as tcp. You can use ldap to access stand-alone directory servers or x.500 directories...
Page 56
Packet filter policies 48 watchguard system manager ms-win-media microsoft windows media server is a proprietary protocol developed by microsoft to supply unicast streams. It enables bidirectional connections that enable users to go forward, go back, or pause the playback of unicast streams. Charact...
Page 57
User guide 49 packet filter policies ntp network time protocol (ntp) is a protocol built on tcp/ip that controls local timekeeping. It synchronizes computer clocks with other clocks located on the internet. Characteristics • internet protocol(s): tcp, udp • port number(s): tcp 123 , udp 123 ospf ope...
Page 58
Packet filter policies 50 watchguard system manager pop2 and pop3 pop2 and pop3 (post office protocol) are email transport protocols, usually used to get a user’s email from a pop server. Characteristics • internet protocol(s): tcp • port number(s): 109 (pop2), and 110 (pop3) pptp pptp is a vpn tunn...
Page 59
User guide 51 packet filter policies radius-accounting and radius-acct-rfc the remote authentication dial-in user service (radius) accounting policy supplies accounting information to administrators of networks that use radius authentication. Radius is a client-server system that keeps authenticatio...
Page 60
Packet filter policies 52 watchguard system manager realplayerg2 media streaming protocol v7 and v8. Characteristics • internet protocol(s): tcp • port number(s): 80, 554 rlogin remote login (rlogin) is a unix command that allows an approved user to log in to other unix computers on a network. After...
Page 61
User guide 53 packet filter policies smtp the smtp packet filter policy allows smtp traffic (email) without using the smtp proxy. Characteristics • internet protocol(s): tcp • port number(s): 25 snmp simple network management protocol (snmp) is used to collect information about and to configure remo...
Page 62
Packet filter policies 54 watchguard system manager ssh secure shell (ssh) is a free application protocol that allows remote login, command control, and the movement of files between computers. It gives strong authentication and secure (encrypted) connections. We recommend the use of ssh because it ...
Page 63
User guide 55 packet filter policies tacacs tacacs user authentication is a system that uses user accounts to authenticate users into a dial-up modem pool. This removes the need to keep copies of accounts on a unix system. Tacacs does not support tacacs+ or radius. Characteristics • internet protoco...
Page 64
Packet filter policies 56 watchguard system manager timbuktu timbuktu pro is remote control and file transfer software used to get access to windows computers. The protocol uses tcp port 1417 and udp port 407. Add the timbuktu policy and allow access from the hosts on the internet that must get acce...
Page 65
User guide 57 packet filter policies uucp unix-to-unix copy (uucp) is a unix tool and protocol that enables one computer to send files to another computer. This tool is not used frequently, as users more often use ftp, smtp, and nntp to transfer files. Characteristics • internet protocol(s): tcp • p...
Page 66
Packet filter policies 58 watchguard system manager wg-firebox-mgmt the watchguard firebox management policy allows configuration and monitoring connections to be made to the firebox. We recommend that you allow this policy only to the management station. The policy is usually set up on the trusted ...
Page 67
User guide 59 packet filter policies whois the whois protocol gives information about the administrator of web sites and networks. It is frequently used to find the administrator of a different web site. To filter whois traffic, add a whois policy that allows connections to the whois server (such as...
Page 68: Proxy Policies
Packet filter policies 60 watchguard system manager proxy policies this section reviews the proxy policies supplied by the watchguard® system manager. A proxy policy opens packets, strips out forbidden data types in the packet content, and assembles the packets again using the source and destination...
Page 69
User guide 61 packet filter policies http-proxy hyper text transfer protocol (http) is a request/response protocol between clients and servers. The http client is usually a web browser. The http server is a remote resource that keeps or creates html files, images, and other content. When the http cl...
Page 70
Packet filter policies 62 watchguard system manager sip-proxy if you use voice-over-ip (voip) in your organization, you can add a sip (session initiation protocol) proxy policy to open the ports necessary to enable voip through your firebox. These proxy policies have been created to work in a nat en...
Page 71
User guide 63 packet filter policies tftp-proxy trivial file transfer protocol (tftp) is a simple form of ftp that uses very small amounts of memory. It is used to transfer small files between hosts on the same network. Some manufacturers use the tftp protocol to send periodic updates to voip equipm...
Page 72
Packet filter policies 64 watchguard system manager.
Page 73: Resources
Reference guide 65 6 resources many resources are available to help you learn more about network security. This chapter gives different sources of information frequently used by the development and technical support teams at watchguard to learn more about network security. The editorial comments inc...
Page 74: Publishers
Publishers 66 watchguard system manager publishers some publishers focus on network security in their works. Syngress publishes almost exclusively about networks and network security. Www.Syngress.Com/ o'reilly publishes many books on network security. Www.Oreilly.Com/pub/topic/security no starch pu...
Page 75: Mailing Lists
Reference guide 67 mailing lists mailing lists wg-users@watchguard.Com watchguard sponsors a listserv for our customers. For more information, see the technical support chapter in the user guide. Firewall-wizards@nfr.Net firewall gurus from around the world discuss and answer all types of questions....
Page 76
General it and security web sites 68 watchguard system manager project.Honeynet.Org the honeynet project is a non-profit research organization of security professionals dedicated to information security. They have no products, services or employees, and all research is done on a volunteer basis. The...
Page 77: White Hat Web Sites
Reference guide 69 white hat web sites the register this is not the first place you'll learn of emerging threats, but when you hear of one, depend on the reg for the most honest, no-hype summary of the issue. Pro: plain-english writing style is great for it beginners. Check out their "bofh" series f...
Page 78: Grey Hat Sites
Grey hat sites 70 watchguard system manager grey hat sites we characterize these security researchers as "grey hats" because, unlike white hats, they might not inform the appropriate manufacturer before publicly revealing their findings and posting exploit code (often passed off euphemistically as "...
Page 79: Other Web Sites
Reference guide 71 dictionaries of computer terminology other web sites www.Howstuffworks.Com simple explanations of how all kinds of things, including system and network components, work. Www.Zebra.Org/zebra/index.Html online gnu zebra configuration document for firebox users using dynamic routing ...
Page 80: Rss Feeds
Dictionaries of computer terminology 72 watchguard system manager rss feeds rich site summary (rss) is an xml-based web standard for easily distributing news and other information in syndication. In other words, rss provides a format that delivers news from many sources directly to your desktop. Fur...
Page 81
Reference guide 73 dictionaries of computer terminology news.Com.Com/2547-1001_3-0-5.Xml cnet news enterprise hardware feed news.Com.Com/2547-1009_3-0-5.Xml cnet news security feed news.Com.Com/2547-1035_3-0-5.Xml cnet news networking feed fun feeds www.Wired.Com/news/feeds/rss2/0,2610,,00.Xml wired...
Page 82
Dictionaries of computer terminology 74 watchguard system manager web logs (blogs) radio free security watchguard’s podcast covers network secuirty issues of interest to small- to medium-sized businesses. Learn how to prioritze threats by hearing the livesecurity reporters pick the “security story o...
Page 83: Licensing Information
Reference guide 75 copyright information 7 copyright, patent, trademark, and licensing information copyright information copyright© 1998 - 2008 watchguard technologies, inc. All rights reserved. © hi/fn, inc. 1993, including one or more u.S. Patents 4701745, 5016009, 5126739, and 5146221 and other p...
Page 84: Licensing
Licensing 76 watchguard system manager java and all java-based marks are trademarks or registered trademarks of sun microsystems, inc. In the united states and other countries. All right reserved. "openvpn" is a trademark of openvpn solutions llc. Watchguard, the watchguard logo, firebox, livesecuri...
Page 85
Reference guide 77 licensing this software is provided ``as is'' and any expressed or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the apache software foundation or its con- tributo...
Page 86
Licensing 78 watchguard system manager "derivative works" shall mean any work, whether in source or object form, that is based on (or derived from) the work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship....
Page 87
Reference guide 79 licensing you may add your own copyright statement to your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of your modifications, or for any such derivative works as a whole, provided your use, reproduction,...
Page 88
Licensing 80 watchguard system manager gnu general public license (gpl) each of the following programs are wholly or partially licensed under the gpl: bpalogin, bridge-utils, busybox, hostapd, iproute, ipset, iptables, jaxb, libiconv, linux, lzo, openvpn, oprofile, pptpd, psycopg, readline, rp-pppoe...
Page 89
Reference guide 81 licensing terms and conditions for copying, distribution, and modification 1 this license applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this general public license. The "program", below, ...
Page 90
Licensing 82 watchguard system manager 3 you may copy and distribute the program (or a work based on it, under section 2) in object code or executable form under the terms of sections 1 and 2 above provided that you also do one of the following: - accompany it with the complete corresponding machine...
Page 91
Reference guide 83 licensing if any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you ...
Page 92
Licensing 84 watchguard system manager gnu lesser general public license (lgpl) each of the following programs are wholly or partially licensed under the gnu library general public license (library gpl): jdic, jfreechart, libnl, scew, swingx, swingworker, pyopenssl. Specific copyright information fo...
Page 93
Reference guide 85 licensing finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any paten...
Page 94
Licensing 86 watchguard system manager "source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to con...
Page 95
Reference guide 87 licensing 4 you may opt to apply the terms of the ordinary gnu general public license instead of this license to a given copy of the library. To do this, you must alter all the notices that refer to this license, so that they refer to the ordinary gnu general public license, versi...
Page 96
Licensing 88 watchguard system manager - accompany the work with the complete corresponding machine-readable source code for the library including whatever changes were used in the work (which must be distributed under sections 1 and 2 above); and, if the work is an executable linked with the librar...
Page 97
Reference guide 89 licensing 11 each time you redistribute the library (or any work based on the library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the library subject to these terms and conditions. You may not impose any furt...
Page 98
Licensing 90 watchguard system manager no warranty 16 because the library is licensed free of charge, there is no warranty for the library, to the extent permitted by applicable law. Except when otherwise stated in writing the copyright holders and/or other parties provide the library "as is" withou...
Page 99
Reference guide 91 licensing to protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library, or if you modify it. For exam...
Page 100
Licensing 92 watchguard system manager terms and conditions for copying, distribution, and modification 1 this license agreement applies to any software library which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this libra...
Page 101
Reference guide 93 licensing license, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is...
Page 102
Licensing 94 watchguard system manager 7 as an exception to the sections above, you may also compile or link a "work that uses the library" with the library to produce a work containing portions of the library, and distribute that work under terms of your choice, provided that the terms permit modif...
Page 103
Reference guide 95 licensing 10 you are not required to accept this license, since you have not signed it. However, nothing else grants you permission to modify or distribute the library or its derivative works. These actions are prohibited by law if you do not accept this license. Therefore, by mod...
Page 104
Licensing 96 watchguard system manager 15 if you wish to incorporate parts of the library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the free software foundation, write to the fre...
Page 105
Reference guide 97 licensing 2 license for the distribution of compliant implementations. Sun also grants you a perpetual, non-exclusive, non-transferable, worldwide, fully paid-up, royalty free, limited license (without the right to sublicense) under any applicable copyrights or, subject to the pro...
Page 106
Licensing 98 watchguard system manager 5 definitions. For the purposes of this agreement: "independent implementation" shall mean an implementation of the specification that neither derives from any of sun's source code or binary code materials nor, except with an appropriate and separate license fr...
Page 107
Reference guide 99 licensing general terms any action related to this agreement will be governed by california law and controlling u.S. Federal law. The u.N. Convention for the international sale of goods and the choice of law rules of any jurisdiction will not apply. The specification is subject to...
Page 108
Licensing 100 watchguard system manager busybox busybox is distributed under version 2 of the general public license (included in its entirety above). Version 2 is the only version of this license which this version of busybox (or modified versions derived from this one) may be distributed under. Cg...
Page 109
Reference guide 101 licensing dhcp copyright © 1995, 1996, 1997, 1998, 1999 the internet software consortium. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1 redistributions of sourc...
Page 110
Licensing 102 watchguard system manager elementtree the elementtree package and the celementtree accelerator are copyright © 1999-2005 by secret labs ab copyright © 1999-2005 by fredrik lundh by obtaining, using, and/or copying this software and/or its associated documentation, you agree that you ha...
Page 111
Reference guide 103 licensing free-extractor this software is provided 'as-is', without any express or implied warranty. In no event will the author(s) be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, includin...
Page 112
Licensing 104 watchguard system manager redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1 redistributions of source code must retain the above copyright notice, this list of conditions and the following di...
Page 113
Reference guide 105 licensing this software is provided "as is" without warranty of any kind, either express or implied, including without limitation warranties of merchantability and fitness for a particular purpose. The regents of the university of michigan and merit network, inc. Do not warrant t...
Page 114
Licensing 106 watchguard system manager redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1 redistributions of source code must retain the above copyright notice, this list of conditions and the following di...
Page 115
Reference guide 107 licensing java 2d api samples read the following agreement before installing or using the sample software. By downloading this sample software, you accept and agree to the terms and conditions below. If you do not agree, do not download or use the sample software. Sun microsystem...
Page 116
Licensing 108 watchguard system manager 1.10 “original software” means the source code and executable form of computer software code that is originally released under this license. 1.11 “patent claims” means any patent claim(s), now owned or hereafter acquired, including without limitation, method, ...
Page 117
Reference guide 109 licensing c the licenses granted in sections 2.2(a) and 2.2(b) are effective on the date contributor first distributes or otherwise makes the modifications available to a third party. D notwithstanding section 2.2(b) above, no patent license is granted: (1) for any code that cont...
Page 118
Licensing 110 watchguard system manager 3.6 larger works. You may create a larger work by combining covered software with other code not governed by the terms of this license and distribute the larger work as a single product. In such a case, you must make sure the requirements of this license are f...
Page 119
Reference guide 111 licensing initial developer (if the initial developer is not the participant) and all contributors under sections 2.1 and/or 2.2 of this license shall, upon 60 days notice from participant terminate prospectively and automatically at the expiration of such 60 day notice period, u...
Page 120
Licensing 112 watchguard system manager 10 responsibility for claims. As between initial developer and the contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this license and you agree to work with initial developer ...
Page 121
Reference guide 113 licensing "contributor" means any person or entity that distributes the program. "licensed patents " mean patent claims licensable by a contributor which are necessarily infringed by the use or sale of its contribution alone or when combined with the program. "program" means the ...
Page 122
Licensing 114 watchguard system manager when the program is made available in source code form: a it must be made available under this agreement; and b a copy of this agreement must be included with each copy of the program. Contributors may not remove or alter any copyright notices contained within...
Page 123
Reference guide 115 licensing 7 general if any provision of this agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this agreement, and without further action by the parties hereto, such provision shall be r...
Page 124
Licensing 116 watchguard system manager 3 in the event licensee prepares a derivative work that is based on or incorporates jython or any part thereof, and wants to make the derivative work available to others as provided herein, then licensee hereby agrees to include in any such work a brief summar...
Page 125
Reference guide 117 licensing kazlib copyright © 1999 kaz kylheku free software license: all rights are reserved by the author, with the following exceptions: permission is granted to freely reproduce and distribute this software, possibly in exchange for a fee, provided that this copyright notice a...
Page 126
Licensing 118 watchguard system manager libpcap redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1 redistributions of source code must retain the above copyright notice, this list of conditions and the foll...
Page 127
Reference guide 119 licensing linux copyright 1993 united states government as represented by the director, national security agency. This software may be used and distributed according to the terms of the gnu general public license, incorporated herein by reference. In addition to the disclaimers i...
Page 128
Licensing 120 watchguard system manager regardless of what licensing mechanism is used or applicable, this program is provided by qlogic corporation "as is'' and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular p...
Page 129
Reference guide 121 licensing 3 redistributions in binary form must reproduce at minimum a disclaimer similar to the disclaimer below and any redistribution must be conditioned upon including a substantially similar disclaimer requirement for further binary redistribution. 4 neither the names of the...
Page 130
Licensing 122 watchguard system manager this software is provided by the copyright holders and contributors “as is” and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall t...
Page 131
Reference guide 123 licensing this software is provided by the copyright holders and contributors “as is” and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the copyrig...
Page 132
Licensing 124 watchguard system manager of substitute goods or services; loss of use, data, or profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of thi...
Page 133
Reference guide 125 licensing openldap the openldap public license version 2.8, 17 august 2003 redistribution and use of this software and associated documentation ("software"), with or without modification, are permitted provided that the following conditions are met: 1 redistributions in source fo...
Page 134
Licensing 126 watchguard system manager specific parts of the portability layer have the following licences. Copyright patrick powell 1995 this code is based on code written by patrick powell (papowell@astart.Com) it may be used for any purpose as long as this notice remains intact on all source cod...
Page 135
Reference guide 127 licensing openssl openssl license copyright © 1998-2007 the openssl project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1 redistributions of source code must r...
Page 136
Licensing 128 watchguard system manager if this package is used in a product, eric young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. Redi...
Page 137
Reference guide 129 licensing special exception for linking openvpn with both openssl and lzo: hereby i grant a special exception to the openvpn project (http://openvpn.Net/) to link the lzo library with the openssl library (http://www.Openssl.Org). —markus f.X.J. Oberhumer the tap-win32/tap-win64 d...
Page 138
Licensing 130 watchguard system manager this software is provided by ralf s. Engelschall ``as is'' and any expressed or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall ralf s. Engelsch...
Page 139
Reference guide 131 licensing copyright © 2001 by sun microsystems, inc. All rights reserved. Non-exclusive rights to redistribute, modify, translate, and use this software in source and binary forms, in whole or in part, is hereby granted, provided that the above copyright notice is duplicated in a...
Page 140
Licensing 132 watchguard system manager requirements or that operation will be uninterrupted or error free. The regents of the university of michigan and merit network, inc. Shall not be liable for any special, indirect, incidental or consequential damages with respect to any claim by licensee or an...
Page 141
Reference guide 133 licensing this software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial appl...
Page 142
Licensing 134 watchguard system manager 2 redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3 the name "carnegie mellon university" must not be use...
Page 143
Reference guide 135 licensing 3 the names of the authors of this software must not be used to endorse or promote products derived from this software without prior written permission. 4 redistributions of any form whatsoever must retain the following acknowledgment: "this product includes software de...
Page 144
Licensing 136 watchguard system manager postgresql database management system (formerly known as postgres, then as postgres95) portions copyright © 1996-2005, the postgresql global development group portions copyright © 1994, the regents of the university of california permission to use, copy, modif...
Page 145
Reference guide 137 licensing pysqlite copyright © 2004 gerhard häring this software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software f...
Page 146
Licensing 138 watchguard system manager cwi license agreement for python 0.9.0 through 1.2 copyright © 1991 - 1995, stichting mathematisch centrum amsterdam, the netherlands. All rights reserved. Permission to use, copy, modify, and distribute this software and its documentation for any purpose and ...
Page 147
Reference guide 139 licensing used to control compilation and installation of an executable, or a list of source code differential comparisons against either the original code or another well known, available covered code of the contributor's choice. The source code can be in a compressed or archiva...
Page 148
Licensing 140 watchguard system manager 3.2 availability of source code. Any modification which you create or to which you contribute must be made available in source code form under the terms of this license via an accepted electronic distribution mechanism to anyone to whom you made an executable ...
Page 149
Reference guide 141 licensing the initial developer and every contributor for any liability incurred by the initial developer or such contributor as a result of warranty, support, indemnity or liability terms you offer. 3.6 distribution of executable versions. You may distribute covered code in exec...
Page 150
Licensing 142 watchguard system manager 6.2 effect of new versions. Once covered code has been published under a particular version of the license, you may always continue to use it under the terms of that version. You may also choose to use such covered code under the terms of any subsequent versio...
Page 151
Reference guide 143 licensing 11 miscellaneous this license represents the complete agreement concerning subject matter hereof. If any provision of this license is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This license shall be go...
Page 152
Licensing 144 watchguard system manager exhibit b part of the software embedded in this product is ecos - embedded configurable operating system, a trademark of red hat. Portions created by red hat are copyright (c) 1998, 1999, 2000 red hat, inc. (http://www.Redhat.Com/). All rights reserved. The so...
Page 153
Reference guide 145 licensing tinyxpath copyright © 2002-2004 yves berquin (yvesb@users.Sourceforge.Net) this software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is grante...
Page 154
Licensing 146 watchguard system manager this software is provided by the contributors ``as is'' and any express or implied warran- ties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the contributors be...
Page 155
Reference guide 147 licensing 4 the names "indiana univeristy" and "indiana univeristy extreme! Lab" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact http://www.Extreme.Indiana.Edu/. 5 products derived...
Page 156
Licensing 148 watchguard system manager.
Page 157: Index
Reference guide 149 index a ansi z39.50 57 any policy described 39 archie policy 40 auth (ident) policy 40 authentication and ssh 54 b blocked sites, searching for 32 border gateway protocol (bgp) described 40 c citrix ica policy 40 clarent-command policy 41 clarent-gateway policy 41 cu-seeme policy...
Page 158
150 watchguard system manager i icmp 7 identification protocol (ident) policy 45 igmp 7 igmp policy 45 imap policy 45 intel video phone policy 46 internet control message protocol 7 internet group management protocol (igmp) policy 45 internet group multicast protocol 7 internet mail access protocol ...
Page 159
Reference guide 151 s securid policy 52 services well-known 21, 23 simple mail transfer protocol 62 simple network management protocol. See snmp smb policy 52 smtp packet filter policy 53 smtp proxy described 62 snmp described 53 policy for 53 snmp-trap policy 53 sql*net policy 53 sql-server policy ...
Page 160
152 watchguard system manager.