* Service
The * service is a special type of internal service which has some of the characteristics of a service group. It includes a number of services, as shown in the list below, but those services are not displayed when you list services in the configuration editor or the GUI, and you cannot edit the services in *.
The * service, which acts as if each of its services were in separate rules, is designed to allow anything through, but it attempts to use the best service first, thereby providing better security. For example, the ftp state engine enforces the proper use of the stateful FTP protocols, in contrast to ipmobile, which does not inspect packets according to any of the stateful protocols. Note that ipmobile, which allows any IP traffic initiated by the source address, is the last service in the list of * services:
-
nis
-
pmap_nis
-
pmap_dup
-
pmap_tcp
-
rpc_tpc
-
rpc_udp
-
realaudio
-
rsh
-
ftp
-
tcp
-
tcpall
-
dns
-
udp_datagram
-
udp
-
udpall
-
ping
-
icmp
-
ipmobile
- © 2010, Oracle Corporation and/or its affiliates