Operation: Add Service / Update Service
Description: To Create/Update Service. Services are used to determine the type of traffic allowed or denied by the firewall. 

Sample Configuration
<Services> <Name>Name</Name> <Description>Text</Description> <Type>TCPorUDP/IP/ICMP/ICMPv6</Type> <ServiceDetails> <ServiceDetail> <!-- for TCPUDP type --> <Protocol>TCP/UDP</Protocol> <SourcePort>port</SourcePort> <DestinationPort>port</DestinationPort> <!-- for IP type --> <ProtocolName>HOPOPT/ICMP/IGMPGGP/IP/ST/TCP/CBT/EGP/IGP/BBN-RCC-MON/NVP-II/PUP/ARGUS/EMCON/XNET/CHAOS/UDP/MUX/DCN-MEAS/HMP/PRM/XNS-IDP/TRUNK-1/TRUNK-2/LEAF-1/LEAF-2/RDP/IRTP/ISO-TP4/NETBLT/MFE-NSP/MERIT-INP/DCCP/3PC/IDPRXTP/DDP/IDPR-CMTP/TP++/IL/IPv6/SDRP/IPv6-Route/IPv6-Frag/IDRP/RSVP/GRE/DSR/BNA/ESP/AH/I-NLSP/SWIPE/NARP/MOBILE/TLSP/SKIP/IPv6-ICMP/IPv6-NoNxt/IPv6-Opts/IPProto61/CFTP/IPProto63/SAT-EXPAK/KRYPTOLAN/RVD/IPPC/IPProto68/SAT-MON/VISA/IPCV/CPNX/CPHB/WSN/PVP/BR-SAT-MON/SUN-ND/WB-MON/WB-EXPAK/ISO-IP/VMTP/SECURE-VMTP/VINES/TTP/NSFNET-IGP/DGP/TCF/EIGRP/OSPFIGP/Sprite-RPC/LARP/MTP/25/IPIP/MICP/SCC-SP/ETHERIP/ENCAP/IPProto99/GMTP/IFMP/PNNI/PIM/ARIS/SCPS/QNX/A/N/IPComp/SNP/Compaq-Peer/IPX-in-IP/VRRP/PGM/IPProto114/L2TP/DDX/IATP/STP/SRP/UTI/SMP/SM/PTP/ISIS/FIRE/CRTP/CRUDP/SSCOPMCE/IPLT/SPS/PIPE/SCTP/FC/RSVP-E2E-IGNORE/IPProto135/UDPLite/MPLS-in-IP/manet/HIP/Shim6/WESP/ ROHC/IPProto143/IPProto144/IPProto145/IPProto146/IPProto147/IPProto148/IPProto149/IPProto150/IPProto151/IPProto152/IPProto153/IPProto154/IPProto155/IPProto156/IPProto157/IPProto158/IPProto159/IPProto160/IPProto161/IPProto162/IPProto163/IPProto164/IPProto165/IPProto166/IPProto167/IPProto168/IPProto169/IPProto170/IPProto171/IPProto172/IPProto173/IPProto174/IPProto175/IPProto176/IPProto177/IPProto178/IPProto179/IPProto180/IPProto181/IPProto182/IPProto183/IPProto184/IPProto185/IPProto186/IPProto187/IPProto188/IPProto189/IPProto190/IPProto191/IPProto192/IPProto193/IPProto194/IPProto195/IPProto196/IPProto197/IPProto198/IPProto199/IPProto200/IPProto201/IPProto202/IPProto203/IPProto204/IPProto205/IPProto206/IPProto207/IPProto208/IPProto209/IPProto210/IPProto211/IPProto212/IPProto213/IPProto214/IPProto215/IPProto216/IPProto217/IPProto218/IPProto219/IPProto220/IPProto221/ IPProto222/IPProto223/IPProto224/IPProto225/IPProto226/IPProto227/IPProto228/IPProto229/IPProto230/IPProto231/IPProto232/IPProto233/IPProto234/IPProto235/IPProto236/IPProto237/IPProto238/IPProto239/IPProto240/IPProto241/IPProto242/IPProto243/IPProto244/IPProto245/IPProto246/IPProto247/IPProto248/IPProto249/IPProto250/IPProto251/IPProto252/IPProto253/IPProto254/IPProto255</ProtocolName> <!-- for ICMP Type --> <ICMPType>Echo Reply/Destination Unreachable/Source Quench/Redirect/Alternate Host Address/Echo/Router Advertisement/Router Selection/Time Exceeded/Parameter Problem/Timestamp/Timestamp Reply/Information Request/Information Reply/Address Mask Request/Address Mask Reply/Traceroute/Datagram Conversion Error/Mobile Host Redirect/IPv6 Where-Are-You/IPv6 I-Am-Here/Mobile Registration Request/Mobile Registration Reply/Domain Name Request/Domain Name Reply/SKIP/Photuris/Any Type</ICMPType> <ICMPCode>any code</ICMPCode> <!-- for ICMP Type --> <ICMPv6Type>Destination Unreachable/Packet Too Big/Time Exceeded/Parameter Problem/Private experimentation/Private experimentation/Echo Request/Echo Reply/Multicast Listener Query/Multicast Listener Report/Multicast Listener Done/Router Solicitation/Router Advertisement/Neighbor Solicitation/Neighbor Advertisement/Redirect Message/Router Renumbering/ICMP Node Information Query/ICMP Node Information Response/Inverse Neighbor Discovery Solicitation Message/Inverse Neighbor Discovery Advertisement Message/Version 2 Multicast Listener Report/Home Agent Address Discovery Request Message/Home Agent Address Discovery Reply Message/Mobile Prefix Solicitation/Mobile Prefix Advertisement/Certification Path Solicitation Message/Certification Path Advertisement Message/ICMP messages utilized by experimental mobility protocols such as Seamoby/Multicast Router Advertisement/Multicast Router Solicitation/Multicast Router Termination/FMIPv6 Messages/RPL Control Message/ILNPv6 Locator Update Message/Duplicate Address Request/Duplicate Address Confirmation/Private experimentation/Private experimentation/Any Type</ICMPv6Type> <ICMPv6Code>any code</ICMPv6Code> </ServiceDetail> : : </ServiceDetails> </Services>



Parameter Mandatory Default Description
NameYes  
Specify a name to identify the Service.
Name confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • Maximum characters allowed are 50.
  • UTF-8 character(s) are allowed.
TypeNo  
Select Type of Service: TCP/UDP, IP, ICMP or ICMPv6.
Type confines to:
  • Type is 'SCALAR'.
  • Only 'TCPorUDP', 'IP', 'ICMP', 'ICMPv6' are allowed.
Protocol, ProtocolNumberYes  
Select Protocol and Protocol number for the service.
Protocol,ProtocolNumber confines to:
  • Type is 'ARRAY'.
  • Datatype is 'INTEGER'.
  • Range 0 to 255 is allowed.
  • Maximum digits allowed are 5.
  • Multiple values are allowed.
  • Duplicate values will not be ignored.
SourcePortYes  
Specify source port number if protocol selected is TCP/UDP.
SourcePort confines to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 11.
  • Multiple values are allowed.
  • Duplicate values will not be ignored.
DestinationPortYes  
Specify destination port number if protocol selected is TCP/UDP.
DestinationPort confines to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 11.
  • Multiple values are allowed.
  • Duplicate values will not be ignored.
ICMPTypeNo  
Select ICMP type.
ICMPType confines to:
  • Type is 'ARRAY'.
  • Maximum characters allowed are 2.
  • Only '-1', '0', '3', '4', '5', '6', '8', '9', '10', '11', '12', '13', '14', '15', '16', '17', '18', '30', '31', '32', '33', '34', '35', '36', '37', '38', '39', '40' are allowed.
  • Multiple values are allowed.
  • Duplicate values will not be ignored.
ICMPCodeNo  
Select ICMP Code.
ICMPCode confines to:
  • Type is 'ARRAY'.
  • Maximum characters allowed are 2.
  • Only '0', '-1', '1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '11', '12', '13', '14', '15' are allowed.
  • Multiple values are allowed.
  • Duplicate values will not be ignored.
ICMPv6TypeNo  
Select ICMPv6 type.
ICMPv6Type confines to:
  • Type is 'ARRAY'.
  • Maximum characters allowed are 3.
  • Only '0', '-1', '1', '2', '3', '4', '100', '101', '128', '129', '130', '131', '132', '133', '134', '135', '136', '137', '138', '139', '140', '141', '142', '143', '144', '145', '146', '147', '148', '149', '150', '151', '152', '153', '154', '155', '156', '157', '158', '200', '201' are allowed.
  • Multiple values are allowed.
  • Duplicate values will not be ignored.
ICMPv6CodeNo  
Select ICMPv6 code.
ICMPv6Code confines to:
  • Type is 'ARRAY'.
  • Maximum characters allowed are 2.
  • Only '-1', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '11', '12', '13', '14', '15' are allowed.
  • Multiple values are allowed.
  • Duplicate values will not be ignored.
DescriptionNo  
Enter a description.
Description confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 255.



Operation   Status   Message
Add Service200
Add Service500
Add Service502
Update Service200
Update Service202
Update Service500
Update Service502
Update Service503

© Copyright Sophos Firewall Limited. All rights reserved.
Sophos Firewall is registered trademarks of Sophos Firewall Limited and Sophos Firewall Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.