SYM_UNIX_PROTECTION_SBP V5.2.9 R260 [SUMMARY]
10-Jul-2015 02:50:22 PDT
Exported By: symadmin    from Server: Localhost Server



 Global Policy Options
 Resource Lists
 Writable Resource Lists
 Allow modifications to these files
 List of files that can be modified
 Value="/selinux/access"
 Value="/selinux/context"
 Value="/selinux/relabel"
 Value="/selinux/user"
 Read-only Resource Lists
 Block modifications to these files
 List of files that should not be modified
 Value="net/*/*/*"
 Value="/selinux/enforce"
 Value="/selinux/disable"
 Value="/etc/selinux/*"
 Value="/etc/sysconfig/selinux"
 Network Controls
 Inbound
 Globally set the default inbound rules to deny.
 Kernel Driver Options [kernel_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Syscall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Localhost
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 sunrpc (111)
 msft-dc (445)
 dhcpclient (4999)
 Inbound udp port list
 List of Inbound udp ports
 sunrpc (111)
 high (1024-65535)
 router (520)
 snmp (161)
 bootpc (68)
 xdmcp (177)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="high (1024-65535)", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="wellknown (0-1023)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Localhost
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 sunrpc (111)
 nfs
 Outbound udp port list
 List of outbound udp ports
 sunrpc (111)
 bootpc (68)
 nfs
 Outbound network rules
 List of rules to control outbound network connections
 LocalPort="wellknown (0-1023)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="wellknown (0-1023)", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 Host Security Programs [hsecurity_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 sav tcp-fixed (2967)
 sav tcp-fixed (2968)
 sep server default port (8443)
 sep database default port (2638)
 sep admin port (9090)
 Any (0-65535)
 Inbound udp port list
 List of Inbound udp ports
 Any (0-65535)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="high (1024-65535)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="Any (0-65535)", RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="Any (0-65535)", RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 sav tcp-fixed (2967)
 sav tcp-fixed (2968)
 sep server default port (8443)
 sep database default port (2638)
 Any (0-65535)
 Outbound udp port list
 List of outbound udp ports
 high (1024-65535)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 NFS Server Access Options [remote_file_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Daemon Options
 General Daemon Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Alternate Privilege Lists
 Specify Daemons with Safe privileges
 List of Daemons with Safe privilege
 Program="udevd"
 Program="/sbin/udev"
 Program="/sbin/udevd"
 Program="/sbin/udevadm"
 Program="start_udevd"
 Program="/usr/lib/systemd/systemd-udevd"
 Program="/usr/sbin/firewalld"
 Program="/usr/sbin/tuned"
 Program="/usr/libexec/gvfsd-fuse"
 Program="lvmetad"
 Program="/usr/sbin/lvmetad"
 Program="/sbin/upstart-udev-bridge"
 Program="/sbin/upstart-socket-bridge"
 Program="/etc/init.d/grub-common"
 Process Logging Options
 Log process assignment messages
 Log process assignment command line arguments
 Application Daemon Options
 Apache Web Server and PHP [apache_ps]
 Basic Options
 Apache
 Specify installation directory
 Path for the installation directory
 /usr/local/apache
 /usr/local/apache2
 /opt/sfw/apache
 /usr/apache
 Apache log path
 List of the paths that apache logs to.
 /var/apache/logs
 /usr/local/apache/logs
 /usr/local/apache2/logs
 /var/log/httpd
 /var/log/apache2
 /etc/apache2/sysconfig.d
 PHP
 Specify installation directory
 Path for the installation directory
 /usr/
 Advanced Options
 Apache and PHP Application Data Protection
 Apache and PHP Application File Data
 Block all access to the following Apache and PHP files
 Application data that should not be accessed
 /var/lib/php/session/*
 /etc/httpd/conf.d/php.conf
 /etc/php.d/*
 /etc/php.ini
 Block modifications to the following Apache and PHP files
 Application data that is read-only
 /usr/local/apr/*
 %php_instdir_path%/lib/httpd/modules/libphp*
 %php_instdir_path%/lib64/httpd/modules/libphp*
 %php_instdir_path%/lib/phpmodules/*
 %php_instdir_path%/lib64/phpmodules/*
 %php_instdir_path%/share/doc/php*
 %php_instdir_path%/share/doc/php*/*
 %php_instdir_path%/share/man/man*/php*
 %php_instdir_path%/bin/php*
 %-php_cgibin_path%
 Apache and PHP Application Process Data
 Block all access to the following Apache and PHP processes
 Application data that should not be accessed
 Program="%-php_cgibin_path%"
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 http (80)
 https (443)
 sunrpc (111)
 Inbound udp port list
 List of Inbound udp ports
 http (80)
 https (443)
 sunrpc (111)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 http (80)
 https (443)
 sunrpc (111)
 Outbound udp port list
 List of outbound udp ports
 http (80)
 https (443)
 sunrpc (111)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 MySQL Server and Command Line Utilities [mysql_ps]
 Basic Options
 Specify installation directory
 Path for the installation directory
 /usr/
 /usr/local/
 /usr/local/mysql
 MySQL log path
 List of the paths that MySQL logs to.
 /var/lib/mysql
 /usr/local/mysql/data
 Advanced Options
 MySQL Application Data Protection
 MySQL Application File Data
 Block all access to the following MySQL files
 Application data that should not be accessed
 /var/lib/mysql/*
 /var/run/mysqld/*
 %mysql_instdir_path%/data/*
 %mysql_log_path%
 %mysql_log_path%/*
 /etc/my.cnf
 Block modifications to the following MySQL files
 Application data that is read-only
 /usr/sbin/mysqld*
 %mysql_instdir_path%/bin/mysql*
 %mysql_instdir_path%/scripts/mysql*
 /usr/lib/mysql/*
 /usr/lib64/mysql/*
 %mysql_instdir_path%/lib/libmysql*
 %mysql_instdir_path%/include/mysql/*
 %mysql_instdir_path%/include/mysql*
 /usr/share/mysql/*
 /usr/share/sql-bench/*
 %mysql_instdir_path%/sql-bench/*
 /usr/share/man/man1/mysql*
 /usr/share/man/man8/mysql*
 %mysql_instdir_path%/man/man1/mysql*
 %mysql_instdir_path%/man/man8/mysql*
 /etc/init.d/mysqld
 /etc/logrotate.d/mysql
 MySQL Application Process Data
 Block all access to the following MySQL processes
 Application data that should not be accessed
 Program="/usr/bin/mysql*"
 Program="/usr/sbin/mysqld*"
 Program="%mysql_instdir_path%/bin/mysql*"
 Program="%mysql_instdir_path%/scripts/mysql*"
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 mysql (3306)
 Inbound udp port list
 List of Inbound udp ports
 mysql (3306)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 mysql (3306)
 Outbound udp port list
 List of outbound udp ports
 mysql (3306)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 Mail [mail_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 smtp (25)
 ldap (389)
 slp (427)
 imap (143)
 imaps (993)
 pop3 (110)
 pop3s (995)
 Inbound udp port list
 List of Inbound udp ports
 ldap (389)
 slp (427)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 smtp (25)
 ldap (389)
 slp (427)
 domain (53)
 Outbound udp port list
 List of outbound udp ports
 ldap (389)
 slp (427)
 domain (53)
 biff (512 UDP), ident
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 Sendmail [sendmail_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 smtp (25)
 auth (113), ident
 sunrpc (111)
 Inbound udp port list
 List of Inbound udp ports
 auth (113), ident
 sunrpc (111)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 smtp (25)
 auth (113), ident
 sunrpc (111)
 domain (53)
 Outbound udp port list
 List of outbound udp ports
 auth (113), ident
 sunrpc (111)
 domain (53)
 biff (512 UDP), ident
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 Symantec Storage Foundation HA [sfha_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 2148
 Inbound udp port list
 List of Inbound udp ports
 2148
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 8199
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 Syscall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Allow creation of hard links (link)
 Allow creation of special files (mknod)
 Allow loading and unloading of kernel modules (modctl)
 Core OS Daemon Options
 Symantec Data Center Security Server Agent daemon [sdcssagent_ps]
 Advanced Options
 SDCSS Agent Application Data Protection
 SDCSS Agent Application File Data
 Block all access to the following SDCSS Agent files
 Application data that should not be accessed
 %loginstallroot%/*.csv
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 SDCSS Server IP
 Inbound tcp port list
 List of Inbound tcp ports
 sdcssagent
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemotePort="domain (53)", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="TCP", Action="Allow", Log="Do not log"
 RemotePort="nfs", Protocol="UDP", Action="Allow", Log="Log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log as trivial
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 SDCSS Server IP
 Outbound tcp port list
 List of outbound tcp ports
 sdcssserver
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemotePort="domain (53)", Protocol="Both TCP and UDP", Action="Allow", Log="Do not log"
 RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="0.0.0.1/32", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="0.0.0.1/32", Protocol="UDP", Action="Allow", Log="Do not log"
 RemotePort="nfs", Protocol="UDP", Action="Allow", Log="Log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log as trivial
 Bind daemon [bind_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 domain (53)
 rndc (953)
 Inbound udp port list
 List of Inbound udp ports
 domain (53)
 rndc (953)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 domain (53)
 ldap (389)
 ldaps (636)
 Outbound udp port list
 List of outbound udp ports
 domain (53)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 crond daemon [crond_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 ldap (389)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 ldap (389)
 Outbound udp port list
 List of outbound udp ports
 sunrpc (111)
 ldap (389)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="0.0.0.1/32", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="0.0.0.1/32", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 FTP daemon [ftpd_ps]
 Basic Options
 Enable passive FTP
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 ftp (21)
 high (1024-65535)
 Inbound udp port list
 List of Inbound udp ports
 high (1024-65535)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 high (1024-65535)
 domain (53)
 Outbound udp port list
 List of outbound udp ports
 high (1024-65535)
 domain (53)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 inet daemon [inetd_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 telnet (23)
 ftp (21)
 unix-rlogin (513)
 unix-rexec (512)
 unix-rsh (514)
 lp (515)
 Inbound udp port list
 List of Inbound udp ports
 tftp (69)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="32767-65535", RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="32767-65535", RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 domain (53)
 auth (113), ident
 sunrpc (111)
 Outbound udp port list
 List of outbound udp ports
 domain (53)
 sunrpc (111)
 Outbound network rules
 List of rules to control outbound network connections
 LocalPort="32767-65535", RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="32767-65535", RemoteIP="Local IPs (IPv4 and IPv6)", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 CUPS printer daemon [print_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 ipp (631)
 jetdirect (9100)
 lp (515)
 slp (427)
 Inbound udp port list
 List of Inbound udp ports
 ipp (631)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 jetdirect (9100)
 lp (515)
 slp (427)
 ipp (631)
 domain (53)
 Outbound udp port list
 List of outbound udp ports
 ipp (631)
 domain (53)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 LPD printer daemon [lpd_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 jetdirect (9100)
 lp (515)
 slp (427)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 jetdirect (9100)
 lp (515)
 slp (427)
 ipp (631)
 domain (53)
 Outbound udp port list
 List of outbound udp ports
 ipp (631)
 domain (53)
 snmp (161)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 Remote login services [rservices_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 wellknown (0-1023)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 auth (113), ident
 wellknown (0-1023)
 Outbound udp port list
 List of outbound udp ports
 domain (53)
 wellknown (0-1023)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 RPC port mapper [rpcd_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 0.0.0.1
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 sunrpc (111)
 Inbound udp port list
 List of Inbound udp ports
 high (1024-65535)
 sunrpc (111)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 0.0.0.1
 Global outbound hosts component
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 syslog daemon [syslogd_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound udp port list
 List of Inbound udp ports
 unix-syslog (514)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound udp port list
 List of outbound udp ports
 unix-syslog (514)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 TFTP daemon [tftpd_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound udp port list
 List of Inbound udp ports
 high (1024-65535)
 tftp (69)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound udp port list
 List of outbound udp ports
 tftp (69)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 Full Daemon Options [daemon_fullpriv_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 Any (0-65535)
 Inbound udp port list
 List of Inbound udp ports
 Any (0-65535)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 Any (0-65535)
 Outbound udp port list
 List of outbound udp ports
 Any (0-65535)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 SysCall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Allow creation of hard links (link)
 Allow creation of special files (mknod)
 Allow loading and unloading of kernel modules (modctl)
 Safe Daemon Options [daemon_safepriv_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 Any (0-65535)
 Inbound udp port list
 List of Inbound udp ports
 Any (0-65535)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 Any (0-65535)
 Outbound udp port list
 List of outbound udp ports
 Any (0-65535)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 SysCall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Allow creation of hard links (link)
 Allow creation of special files (mknod)
 Allow loading and unloading of kernel modules (modctl)
 Custom Daemon Options [daemon_custompriv_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Global inbound hosts component
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Global outbound hosts component
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 Default Daemon Options [daemon_stdpriv_ps, ...]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Localhost
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 sunrpc (111)
 ssh (22)
 netbios-session (139)
 ldap (389)
 ldaps (636)
 slp (427)
 msft-dc (445)
 4999
 6000-6020
 Inbound udp port list
 List of Inbound udp ports
 netbios-ns (137)
 netbios-datagram (138)
 sunrpc (111)
 high (1024-65535)
 router (520)
 ldap (389)
 slp (427)
 snmp (161)
 bootpc (68)
 177
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="high (1024-65535)", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="wellknown (0-1023)", Protocol="TCP", Action="Allow", Log="Do not log", Program="/usr/sbin/rpc.mountd"
 LocalPort="wellknown (0-1023)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Localhost
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 domain (53)
 ldap (389)
 ldaps (636)
 slp (427)
 sunrpc (111)
 ssh (22)
 Outbound udp port list
 List of outbound udp ports
 domain (53)
 ldap (389)
 slp (427)
 snmptrap
 netbios-ns (137)
 netbios-datagram (138)
 sunrpc (111)
 bootpc (68)
 Outbound network rules
 List of rules to control outbound network connections
 LocalPort="wellknown (0-1023)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="wellknown (0-1023)", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 SysCall Options
 Allow loading and unloading of kernel modules (modctl)
 Interactive Program Options
 General Interactive Program Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Alternate Privilege Lists
 Specify Interactive Programs with Safe privileges
 List of Interactive Programs with Safe privilege
 Program="/usr/lib/YaST2/bin/y2base"
 Program="/sbin/yast"
 Program="/sbin/yast2"
 Specify Interactive Programs with Standard privileges
 List of Interactive Programs with Standard privilege
 Program="/usr/bin/crontab"
 Specific Interactive Program Options
 Display Programs [display_ps]
 Advanced Options
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 6000-6010
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 SysCall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Allow creation of hard links (link)
 Allow creation of special files (mknod)
 Allow loading and unloading of kernel modules (modctl)
 Root Program Options [rootpriv_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 System Admin Options
 Allow root to run the useradd program.
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 high (1024-65535)
 Inbound network rules
 List of rules to control connections into this system
 RemotePort="Any (0-65535)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="wellknown (0-1023)", Protocol="TCP", Action="Disabled", Log="Do not log", Program="/usr/bin/rsh"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 domain (53)
 sunrpc (111)
 Outbound udp port list
 List of outbound udp ports
 domain (53)
 sunrpc (111)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 Process Logging Options
 Log process assignment messages
 Log process assignment command line arguments
 List or programs that should be routed to the no pset logging rootpriv pset.
 List of programs to route to the rootpriv pset with no pset logging.
 Program="/usr/sbin/makewhatis", User="root"
 Full Interactive Program Options [int_fullpriv_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 Any (0-65535)
 Inbound udp port list
 List of Inbound udp ports
 high (1024-65535)
 Any (0-65535)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="high (1024-65535)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 Any (0-65535)
 Outbound udp port list
 List of outbound udp ports
 high (1024-65535)
 Any (0-65535)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 SysCall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Allow creation of hard links (link)
 Allow creation of special files (mknod)
 Allow loading and unloading of kernel modules (modctl)
 Safe Interactive Program Options [int_safepriv_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 Any (0-65535)
 Inbound udp port list
 List of Inbound udp ports
 high (1024-65535)
 Any (0-65535)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="high (1024-65535)", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 Any (0-65535)
 Outbound udp port list
 List of outbound udp ports
 high (1024-65535)
 Any (0-65535)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 SysCall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Allow creation of hard links (link)
 Allow creation of special files (mknod)
 Custom Interactive Program Options [int_custompriv_ps]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Restrict network access
 Network Controls
 Inbound
 Components
 Inbound hosts list
 List of inbound addresses.
 Local IPs (IPv4 and IPv6)
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 epmap (135)
 Inbound udp port list
 List of Inbound udp ports
 epmap (135)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Deny
 Default inbound rule log setting
 Log
 Outbound
 Components
 Outbound hosts list
 List of outbound addresses.
 Local IPs (IPv4 and IPv6)
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 epmap (135)
 ldap (389)
 http (80)
 Outbound udp port list
 List of outbound udp ports
 epmap (135)
 Outbound network rules
 List of rules to control outbound network connections
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Deny
 Default outbound rule log setting
 Log
 Default Interactive Program Options [int_stdpriv_ps, ...]
 Protection Categories
 Application Data Protection
 Obey All Other Application Data Restrictions
 Network Controls
 Inbound
 Components
 Inbound hosts list
 std_int inbound address list
 Local IPs (IPv4 and IPv6)
 Any
 Global inbound hosts component
 Inbound tcp port list
 List of Inbound tcp ports
 Any (0-65535)
 Inbound udp port list
 List of Inbound udp ports
 Any (0-65535)
 Inbound network rules
 List of rules to control connections into this system
 LocalPort="high (1024-65535)", RemoteIP="pset specific outbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="Any", Protocol="Both TCP and UDP", Action="Allow", Log="Do not log", Program="%-def_int_srvprog_list:prog%", Arguments="%-def_int_srvprog_list:cmdline%", User="%-def_int_srvprog_list:id%", Group="%-def_int_srvprog_list:groupid%"
 LocalPort="pset specific tcp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="TCP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Log when denying
 Outbound
 Components
 Outbound hosts list
 std_int outbound address list
 Local IPs (IPv4 and IPv6)
 Any
 Global outbound hosts component
 Outbound tcp port list
 List of outbound tcp ports
 ldap (389)
 http (80)
 https (443)
 epmap (135)
 Outbound udp port list
 List of outbound udp ports
 high (1024-65535)
 domain (53)
 Outbound network rules
 List of rules to control outbound network connections
 LocalPort="high (1024-65535)", RemoteIP="pset specific outbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 RemoteIP="Any", Protocol="Both TCP and UDP", Action="Allow", Log="Do not log", Program="%-def_int_srvprog_list:prog%", Arguments="%-def_int_srvprog_list:cmdline%", User="%-def_int_srvprog_list:id%", Group="%-def_int_srvprog_list:groupid%"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific tcp outbound port component", Protocol="TCP", Action="Allow", Log="Do not log"
 RemoteIP="pset specific outbound hosts component", RemotePort="pset specific udp outbound port component", Protocol="UDP", Action="Allow", Log="Do not log"
 LocalPort="pset specific udp inbound port component", RemoteIP="pset specific inbound hosts component", Protocol="UDP", Action="Allow", Log="Do not log"
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Log when denying
 SysCall Options
 Allow mounting and unmounting of file systems (mount,umount)
 Allow creation of hard links (link)
 Allow creation of special files (mknod)