📄 pgpnetprefs.c
字号:
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Single, 4, {kPGPnetTCPService_smtp,0,0,0},
kPGPnetIPServiceType_Any, 1, {0,0,0,0},
"Known Rule - Allow Service SMTP Outgoing",
"[PGPDIR]\\PGPSERVICE.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* PGPnet Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"PGPnet",
"[PGPDIR]\\PGPNET.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* PGPnet */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_List, 4, {kPGPnetTCPService_ftp,
kPGPnetTCPService_telnet,
kPGPnetTCPService_smtp,
kPGPnetTCPService_whois},
kPGPnetIPServiceType_Range, 2, {1024, 65535,0,0},
"Known Rule - Allow Service Trace Outgoing",
"[PGPDIR]\\PGPNET.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* PGPnet */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_http,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow Web Trace Outgoing",
"[PGPDIR]\\PGPNET.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* PGPnet */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_List, 2, {kPGPnetTCPService_dns,
kPGPnetTCPService_netbios_ns,0,0},
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
"Known Rule - Allow DNS, NetBIOS Trace Outgoing",
"[PGPDIR]\\PGPNET.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* PGPnet */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_ICMP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow ICMP Trace",
"[PGPDIR]\\PGPNET.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow PGPNET outgoing everything */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow Outgoing",
"[PGPDIR]\\PGPNET.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* PGPTray Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"PGPTray",
"[PGPDIR]\\PGPTRAY.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow PGPTRAY outgoing everything */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow Outgoing",
"[PGPDIR]\\PGPTRAY.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* PGPKeys Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"PGPKeys",
"[PGPDIR]\\PGPKEYS.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow PGPKeys outgoing LDAP */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_List, 3, {kPGPnetTCPService_ldap,11370,11371,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow LDAP Outgoing",
"[PGPDIR]\\PGPKEYS.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* ePO Agent Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"ePolicy Orchestrator Agent",
"[ANYDIR]\\NAIMAS32.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow ePO Agent */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_List, 3, {kPGPnetTCPService_http,
81,
kPGPnetTCPService_webcache,0},
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
"Smart Rule - Allow ePO Agent HTTP",
"[ANYDIR]\\NAIMAS32.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow ePO Agent Ping */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_tproxy,0,0,0},
"Smart Rule - Allow ePO Agent Ping",
"[ANYDIR]\\NAIMAS32.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* McAfee LWI Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"McAfee Lightweight Installer",
"[ANYDIR]\\LWI.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow LWI FTP TCP */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_List, 2, {kPGPnetTCPService_ftpdata,
kPGPnetTCPService_ftp,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Smart Rule - Allow LWI FTP and FTP Data TCP",
"[ANYDIR]\\LWI.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow LWI FTP UDP */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_List, 2, {kPGPnetTCPService_ftpdata,kPGPnetTCPService_ftp,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Smart Rule - Allow LWI FTP and FTP Data UDP",
"[ANYDIR]\\LWI.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow LWI FTP */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
"Smart Rule - Allow FTP TCP",
"[ANYDIR]\\LWI.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Services Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"System",
"[SYSDIR]\\KERNEL32.DLL", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow DNS */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_dns,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow System DNS",
"[SYSDIR]\\KERNEL32.DLL", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Kernel UDP */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_List, 2, {kPGPnetTCPService_netbios_ns,
kPGPnetTCPService_netbios_dgm,0,0},
kPGPnetIPServiceType_List, 2, {kPGPnetTCPService_netbios_ns,
kPGPnetTCPService_netbios_dgm,0,0},
"Known Rule - Allow System NetBIOS",
"[SYSDIR]\\KERNEL32.DLL", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Kernel UDP */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Range, 2,{1024,65535,0,0},
kPGPnetIPServiceType_Single, 1,{kPGPnetTCPService_netbios_ns,0,0,0},
"Known Rule - Allow NetBIOS Name Service Incoming",
"[SYSDIR]\\KERNEL32.DLL", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Incoming Kernel Netbios */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_netbios_ssn,0,0,0},
"Known Rule - Allow System NetBIOS Incoming",
"[SYSDIR]\\KERNEL32.DLL", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Outgoing Kernel Netbios */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_List, 2, {kPGPnetTCPService_netbios_ssn,
kPGPnetTCPService_msds,0,0},
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
"Known Rule - Allow System NetBIOS Outgoing",
"[SYSDIR]\\KERNEL32.DLL", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Outgoing Kernel Netbios */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_netbios_ssn,0,0,0},
kPGPnetIPServiceType_Single, 1, {0,0,0,0},
"Known Rule - Allow System NetBIOS Outgoing 2",
"[SYSDIR]\\KERNEL32.DLL", {0}, 0, kPGPFireRuleType_Child
},
{ /* Services Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Service Host",
"[SYSDIR]\\SVCHOST.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow Svchost RPC */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Single, 1, {135,0,0,0},
"Known Rule - Allow RPC UDP",
"[SYSDIR]\\SVCHOST.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Svchost RPC */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Single, 1, {135,0,0,0},
"Known Rule - Allow RPC TCP",
"[SYSDIR]\\SVCHOST.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Svchost UDP */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow Service Host UDP",
"[SYSDIR]\\SVCHOST.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Services Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Services",
"[SYSDIR]\\SERVICES.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow Services DNS */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_dns,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow DNS",
"[SYSDIR]\\SERVICES.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Local Services NetBIOS */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_List, 4, {kPGPnetTCPService_bootps,
kPGPnetTCPService_bootpc,
kPGPnetTCPService_netbios_ns,
kPGPnetTCPService_netbios_dgm},
kPGPnetIPServiceType_List, 4, {kPGPnetTCPService_bootps,
kPGPnetTCPService_bootpc,
kPGPnetTCPService_netbios_ns,
kPGPnetTCPService_netbios_dgm},
"Known Rule - Allow DHCP and NetBios",
"[SYSDIR]\\SERVICES.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Local Services NetBIOS */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_netbios_ssn,0,0,0},
"Known Rule - Allow NetBIOS Incoming",
"[SYSDIR]\\SERVICES.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Local Services NetBIOS */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_netbios_ssn,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow NetBIOS Outgoing",
"[SYSDIR]\\SERVICES.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* RPCSS Group */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Single, 1, {135,0,0,0},
"Remote Procedure Call Service",
"[SYSDIR]\\RPCSS.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow Local RPCSS */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Single, 1, {135,0,0,0},
"Known Rule - Allow RPC TCP Incoming",
"[SYSDIR]\\RPCSS.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Local RPCSS */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Single, 1, {135,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow RPC TCP Outgoing",
"[SYSDIR]\\RPCSS.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Local RPCSS */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Single, 1, {135,0,0,0},
"Known Rule - Allow RPC UDP Incoming",
"[SYSDIR]\\RPCSS.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* Allow Local RPCSS */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_UDP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Single, 1, {135,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow RPC UDP Outgoing",
"[SYSDIR]\\RPCSS.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* MPREXE Group*/
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"MPREXE",
"[SYSDIR]\\MPREXE.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow MPREXE */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_LocalSubnet, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_netbios_ssn,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Known Rule - Allow NetBIOS Session Outgoing",
"[SYSDIR]\\MPREXE.EXE", {0}, 0, kPGPFireRuleType_Child
},
};
/* when adding to this list always add a group rule for
the application. the algorithm which checks if smart
rules exists, looks specifically for group rules.
this save processing time instead of enumerating thru
the entire list */
static PGPNetPrefFirewallRule sPresetKnownRules_Smart[] =
{
{ /* ePO Server Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"ePO Server",
"[ANYDIR]\\NAIMSERV.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow ePO Server */
TRUE, TRUE, FALSE, 1, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
kPGPnetIPServiceType_List, 2, {kPGPnetTCPService_http,
81,
kPGPnetTCPService_webcache,
0},
"Smart Rule - Allow ePO Server HTTP",
"[ANYDIR]\\NAIMSERV.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* McAfee VirusScan Update Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"VirusScan Update",
"[PRGDIR]\\MUPDATE.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow McAfee VirusScan Update */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_http,0,0,0},
kPGPnetIPServiceType_Range, 2, {1024,65535,0,0},
"Smart Rule - Allow VirusScan Update Outgoing",
"[PRGDIR]\\MUPDATE.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* window update Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Windows Critical Update",
"[WINDIR]\\WUCRTUPD.EXE", {0}, 0, kPGPFireRuleType_Group
},
{ /* Allow window update */
TRUE, TRUE, FALSE, 2, kPGPnetIPProtocol_TCP,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Single, 1, {kPGPnetTCPService_http,0,0,0},
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
"Smart Rule - Allow Web Outgoing",
"[WINDIR]\\WUCRTUPD.EXE", {0}, 0, kPGPFireRuleType_Child
},
{ /* window update Group */
TRUE, TRUE, FALSE, 0, kPGPnetIPProtocol_All,
kPGPnetAddrType_Any, 0, 0,
kPGPnetIPServiceType_Any, 0, {0,0,0,0},
kPGPnetIP⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -