#bPNG IHDR Ÿ f Õ†C1 sRGB ®Îé gAMA ±üa pHYs Ã ÃÇo¨d GIDATx^íÜL”÷ð÷Yçªö("Bh_ò«®¸¢§q5kÖ*:þ0AºšÖ¥]VkJ¢M»¶f¸±8\k2íll£1]q®ÙÔ‚ÆT p0 zones/work.xml000064400000000540151477076410007421 0ustar00 Work For use in work areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. zones/trusted.xml000064400000000257151477076410010136 0ustar00 Trusted All network connections are accepted. zones/external.xml000064400000000475151477076410010270 0ustar00 External For use on external networks. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. zones/drop.xml000064400000000460151477076410007404 0ustar00 Drop Unsolicited incoming network packets are dropped. Incoming packets that are related to outgoing network connections are accepted. Outgoing network connections are allowed. zones/nm-shared.xml000064400000001331151477076410010314 0ustar00 NetworkManager Shared This zone is used internally by NetworkManager when activating a profile that uses connection sharing and doesn't have an explicit firewall zone set. Block all traffic to the local machine except ICMP, ICMPv6, DHCP and DNS. Allow all forwarded traffic. Note that future package updates may change the definition of the zone unless you overwrite it with your own definition. zones/home.xml000064400000000632151477076410007371 0ustar00 Home For use in home areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. zones/block.xml000064400000000470151477076410007533 0ustar00 Block Unsolicited incoming network packets are rejected. Incoming packets that are related to outgoing network connections are accepted. Outgoing network connections are allowed. zones/internal.xml000064400000000651151477076410010256 0ustar00 Internal For use on internal networks. You mostly trust the other computers on the networks to not harm your computer. Only selected incoming connections are accepted. zones/public.xml000064400000000544151477076410007721 0ustar00 Public For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. zones/dmz.xml000064400000000462151477076410007234 0ustar00 DMZ For computers in your demilitarized zone that are publicly-accessible with limited access to your internal network. Only selected incoming connections are accepted. policies/allow-host-ipv6.xml000064400000001211151477076410012057 0ustar00 Allow host IPv6 Allows basic IPv6 functionality for the host running firewalld.

icmptypes/source-quench.xml000064400000000370151477076410012100 0ustar00 Source Quench This error message is generated to tell a host to reduce the pace at which it is sending packets. icmptypes/packet-too-big.xml000064400000000510151477076410012120 0ustar00 Packet Too Big This error message is sent by a router in response to a packet that it cannot forward because the packet is larger than the MTU of the outgoing link. icmptypes/host-prohibited.xml000064400000000401151477076410012416 0ustar00 Host Prohibited This error message is sent if access from a host administratively prohibited. icmptypes/host-unknown.xml000064400000000357151477076410011776 0ustar00 Host Unknown This error message is sent if the destination host is unknown. icmptypes/network-unreachable.xml000064400000000367151477076410013265 0ustar00 Network Unreachable This message is sent if the destination network is unreachable. icmptypes/neighbour-solicitation.xml000064400000000711151477076410013777 0ustar00 Neighbour Solicitation (Neighbor Solicitation) This informational message is sent by a node to determine the link-layer address of a neighbor, or to verify that a neighbor is still reachable via a cached link-layer address. Neighbor Solicitations are also used for Duplicate Address Detection. icmptypes/ttl-zero-during-reassembly.xml000064400000000445151477076410014534 0ustar00 TTL Zero During Reassembly This error message is sent if a host fails to reassemble a fragmented datagram within its time limit. icmptypes/neighbour-advertisement.xml000064400000000543151477076410014153 0ustar00 Neighbour Advertisement (Neighbor Advertisement) This informational message is sent in response to a neighbour-solicitation message in order to (unreliably) propagate new information quickly. icmptypes/redirect.xml000064400000000271151477076410011120 0ustar00 Redirect This error message informs a host to send packets on another route. icmptypes/ttl-zero-during-transit.xml000064400000000400151477076410014041 0ustar00 TTL Zero During Transit This error message is sent if the time to live exceeded in transit. icmptypes/time-exceeded.xml000064400000000375151477076410012026 0ustar00 Time Exceeded This error message is generated if the time-to-live was exceeded either of a packet or of the reassembling of a fragmented packet. icmptypes/mld-listener-report.xml000064400000000463151477076410013232 0ustar00 MLD Listener Report ICMPv6 Link-Local Multicast Listener Discovery (MDL) of type Multicast Listener Report (type 131) (RFC 4890 section 4.4.1). icmptypes/timestamp-reply.xml000064400000000351151477076410012452 0ustar00 Timestamp Reply This message is used to reply to a timestamp message. icmptypes/failed-policy.xml000064400000000405151477076410012037 0ustar00 Failed Policy This error message is generated if the source address failed ingress/egress policy. icmptypes/mld2-listener-report.xml000064400000000501151477076410013305 0ustar00 MLDv2 Multicast Listener Report ICMPv6 Link-Local Multicast Listener Discovery (MDLv2) of type Multicast Listener Report (type 143) (RFC 4890 section 4.4.1). icmptypes/address-unreachable.xml000064400000000601151477076410013210 0ustar00 Address Unreachable This error message is generated by a router, or by the IPv6 layer in the originating node, in response to a packet that cannot be delivered to its destination address for reasons other than congestion. icmptypes/echo-reply.xml000064400000000255151477076410011370 0ustar00 Echo Reply (pong) This message is the answer to an Echo Request. icmptypes/no-route.xml000064400000000357151477076410011074 0ustar00 No Route This error message is set if there is no route to the destination. icmptypes/host-precedence-violation.xml000064400000000412151477076410014366 0ustar00 Host Precedence Violation This error message is sent if the communication administratively prohibited. icmptypes/required-option-missing.xml000064400000000361151477076410014114 0ustar00 Required Option Missing This message is sent if a required option is missing. icmptypes/router-solicitation.xml000064400000000337151477076410013341 0ustar00 Router Solicitation This message is used by a host attached to a multicast link to request a Router Advertisement. icmptypes/network-prohibited.xml000064400000000372151477076410013141 0ustar00 Network Prohibited This message is sent if the network is administratively prohibited. icmptypes/network-redirect.xml000064400000000370151477076410012607 0ustar00 Network Redirect This message is sent if the datagram is redirected for the network. icmptypes/port-unreachable.xml000064400000000351151477076410012551 0ustar00 Port Unreachable This error message is sent if the port unreachable. icmptypes/ip-header-bad.xml000064400000000345151477076410011703 0ustar00 Ip Header Bad This error message is sent if the IP header is bad. icmptypes/unknown-header-type.xml000064400000000403151477076410013220 0ustar00 Unknown Header Type This error message is sent if an unrecognized Next Header type encountered. icmptypes/source-route-failed.xml000064400000000354151477076410013177 0ustar00 Source Route Failed This message is sent if the source route has failed. icmptypes/mld-listener-query.xml000064400000000461151477076410013062 0ustar00 MLD Listener Query ICMPv6 Link-Local Multicast Listener Discovery (MDL) of type Multicast Listener Query (type 130) (RFC 4890 section 4.4.1). icmptypes/tos-network-unreachable.xml000064400000000415151477076410014062 0ustar00 TOS Network Unreachable This error message is sent if the network is unreachable for the type of service. icmptypes/host-unreachable.xml000064400000000367151477076410012551 0ustar00 Host Unreachable This error message is sent if the destination host is unreachable. icmptypes/fragmentation-needed.xml000064400000000430151477076410013374 0ustar00 Fragmentation Needed This error message is sent if fragmentation is required, and Don not Fragment (DF) flag is set. icmptypes/echo-request.xml000064400000000322151477076410011720 0ustar00 Echo Request (ping) This message is used to test if a host is reachable mostly with the ping utility. icmptypes/router-advertisement.xml000064400000000343151477076410013507 0ustar00 Router Advertisement This message is used by routers to periodically announce the IP address of a multicast interface. icmptypes/tos-host-unreachable.xml000064400000000401151477076410013341 0ustar00 TOS Host Unreachable This message is sent if the host is unreachable for the type of service. icmptypes/network-unknown.xml000064400000000357151477076410012512 0ustar00 Network Unknown This message is sent if the destination network is unknown. icmptypes/destination-unreachable.xml000064400000000336151477076410014111 0ustar00 Destination Unreachable This error message is generated by a host or gateway if the destination is not reachable. icmptypes/parameter-problem.xml000064400000000341151477076410012733 0ustar00 Parameter Problem This error message is generated if the IP header is bad, either by a missing option or bad length. icmptypes/timestamp-request.xml000064400000000344151477076410013011 0ustar00 Timestamp Request This message is used for time synchronization. icmptypes/unknown-option.xml000064400000000371151477076410012325 0ustar00 Unknown Option This error message is sent if an unrecognized IPv6 option encountered. icmptypes/reject-route.xml000064400000000364151477076410011732 0ustar00 Reject Route This error message is sent if the route to destination is rejected. icmptypes/precedence-cutoff.xml000064400000000400151477076410012672 0ustar00 Precedence Cutoff This message is sent if the precedence is lower than the required minimum. icmptypes/mld-listener-done.xml000064400000000534151477076410012643 0ustar00 MLD Listener Done ICMPv6 Link-Local Multicast Listener Discovery (MDL) of type Multicast Listener Done (type 132) (RFC 4890 section 4.4.1). Also known as mld-listener-reduction to nft. icmptypes/host-redirect.xml000064400000000362151477076410012074 0ustar00 Host Redirect This message is sent if the datagram is redirected for the host. icmptypes/tos-host-redirect.xml000064400000000402151477076410012672 0ustar00 TOS Host Redirect This message is the datagram is redirected for the type of service and host. icmptypes/communication-prohibited.xml000064400000000427151477076410014316 0ustar00 Communication Prohibited This error message is sent if communication with destination administratively prohibited. icmptypes/protocol-unreachable.xml000064400000000371151477076410013430 0ustar00 Protocol Unreachable This message is sent if the destination protocol is unreachable. icmptypes/tos-network-redirect.xml000064400000000420151477076410013406 0ustar00 TOS Network Redirect This message is sent if the datagram is redirected for the type of service and network. icmptypes/beyond-scope.xml000064400000000445151477076410011711 0ustar00 Beyond Scope This error message is sent if transmitting a package would cross a zone boundary of the scope of the source address. icmptypes/bad-header.xml000064400000000402151477076410011267 0ustar00 Bad Header This error message is created if there has been an error in the header of a packet. helpers/netbios-ns.xml000064400000000215151477076410011023 0ustar00 helpers/pptp.xml000064400000000210151477076410007720 0ustar00 helpers/proto-gre.xml000064400000000132151477076410010656 0ustar00 helpers/ftp.xml000064400000000167151477076410007541 0ustar00 helpers/h323.xml000064400000000125151477076410007421 0ustar00 helpers/irc.xml000064400000000206151477076410007517 0ustar00 helpers/sip.xml000064400000000236151477076410007540 0ustar00 helpers/tftp.xml000064400000000170151477076410007717 0ustar00 helpers/RAS.xml000064400000000172151477076410007371 0ustar00 helpers/Q.931.xml000064400000000172151477076410007457 0ustar00 helpers/amanda.xml000064400000000175151477076410010170 0ustar00 helpers/snmp.xml000064400000000207151477076410007720 0ustar00 helpers/sane.xml000064400000000172151477076410007672 0ustar00 services/memcache.xml000064400000000365151477076410010673 0ustar00 memcache memcache is a high-performance object caching system. services/xdmcp.xml000064400000000511151477076410010235 0ustar00 XDMCP The X Display Manager Control Protocol (XDMCP) allows to remotely log in to an X desktop environment from any X Window System compatible client. services/kdeconnect.xml000064400000000420151477076410011236 0ustar00 KDE Connect KDE Connect is an application to connect your phone to your computer. services/kshell.xml000064400000000362151477076410010410 0ustar00 kshell Kerberized rshell server accepts rshell commands authenticated and encrypted with Kerberos 5 services/ceph-mon.xml000064400000000446151477076410010637 0ustar00 ceph-mon Ceph is a distributed object store and file system. Enable this option to support Ceph's Monitor Daemon. services/netbios-ns.xml000064400000000406151477076410011206 0ustar00 NetBIOS NS This allows you to find Windows (Samba) servers that share files and printers. services/audit.xml000064400000000455151477076410010237 0ustar00 Audit The Linux Audit subsystem is used to log security events. Enable this option, if you plan to aggregate audit events to/from a remote server/client. services/bb.xml000064400000000655151477076410007516 0ustar00 Big Brother Big Brother is a plain text protocol for sending and receiving client data, reports, and queries to a BB-compatible monitoring server or proxy. The standard IANA port for a listening Big Brother service is 1984, because of course it is. services/matrix.xml000064400000000660151477076410010433 0ustar00 Matrix Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Port 443 is the 'client' port, whereas port 8448 is the Federation port. Federation is the process by which users on different servers can participate in the same room. services/zabbix-agent.xml000064400000000472151477076410011503 0ustar00 Zabbix Agent Zabbix is a mature and effortless enterprise-class open source monitoring solution for network monitoring and application monitoring of millions of metrics. services/pulseaudio.xml000064400000000636151477076410011304 0ustar00 PulseAudio A PulseAudio server provides an ability to stream audio over network. You want to enable this service in case you are using module-native-protocol-tcp in the PulseAudio configuration. If you are using module-zeroconf-publish you want also enable mdns service. services/smtp-submission.xml000064400000000347151477076410012305 0ustar00 Mail (SMTP-Submission) SMTP-Submission allows remote users to submit mail over port 587. services/quassel.xml000064400000000421151477076410010577 0ustar00 Quassel IRC Quassel is a distributed IRC client, meaning that one or more clients can attach to and detach from the central core. services/high-availability.xml000064400000001140151477076410012510 0ustar00 Red Hat High Availability This allows you to use the Red Hat High Availability (previously named Red Hat Cluster Suite). Ports are opened for corosync, pcsd, pacemaker_remote, dlm and corosync-qnetd. services/smtp.xml000064400000001046151477076410010111 0ustar00 Mail (SMTP) This option allows incoming SMTP mail delivery. If you need to allow remote hosts to connect directly to your machine to deliver mail, enable this option. You do not need to enable this if you collect your mail from your ISP's server by POP3 or IMAP, or if you use a tool such as fetchmail. Note that an improperly configured SMTP server can allow remote machines to use your server to send spam. services/jenkins.xml000064400000000325151477076410010566 0ustar00 jenkins Jenkins is an open source automation server written in Java. services/zabbix-server.xml000064400000000473151477076410011714 0ustar00 Zabbix Server Zabbix is a mature and effortless enterprise-class open source monitoring solution for network monitoring and application monitoring of millions of metrics. services/bareos-director.xml000064400000000606151477076410012213 0ustar00 Bareos Director Daemon (bareos-dir) This option allows connections to a local Bareos Director. These connections are typically initiated by Bareos consoles (bconsole). Bareos WebUI and Bareos File Daemon (when using Client Initiated Connections). services/rsyncd.xml000064400000000467151477076410010436 0ustar00 Rsync in daemon mode Rsync in daemon mode works as a central server, in order to house centralized files and keep them synchronized. services/freeipa-trust.xml000064400000001221151477076410011713 0ustar00 FreeIPA trust setup FreeIPA is an LDAP and Kerberos domain controller for Linux systems. Enable this option of you plan to deploy cross-forest trusts with FreeIPA and Active Directory services/minidlna.xml000064400000000516151477076410010722 0ustar00 MiniDLNA MiniDLNA is a simple media server software with the aim to be fully compliant with DLNA/UPNP-AV clients. Enable this service if you run minidlna service. services/ws-discovery-udp.xml000064400000000567151477076410012361 0ustar00 WS-Discovery (UDP) Web Services Dynamic Discovery (WS-Discovery) is a technical specification that defines a multicast discovery protocol to locate services on a local network. services/xmpp-server.xml000064400000001041151477076410011411 0ustar00 XMPP (Jabber) server Extensible Messaging and Presence Protocol (XMPP) server connection protocols allows multiple XMPP (Jabber) servers to work in a federated fashion. Users on one server will be able to see the presence of and communicate with users on another servers. Enable this if you run an XMPP (Jabber) server and you wish users on your server to communicate with users on other XMPP servers. services/opentelemetry.xml000064400000000612151477076410012020 0ustar00 OTLP OpenTelemetry Protocol (OTLP) specification describes the encoding, transport, and delivery mechanism of telemetry data between telemetry sources, intermediate nodes such as collectors and telemetry backends. services/ssh.xml000064400000000717151477076410007727 0ustar00 SSH Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful. services/bitcoin.xml000064400000000364151477076410010557 0ustar00 Bitcoin The default port used by Bitcoin. Enable this option if you plan to be a full Bitcoin node. services/pmcd.xml000064400000000661151477076410010053 0ustar00 Performance metrics collector (pmcd) This option allows PCP (Performance Co-Pilot) monitoring. If you need to allow remote hosts to connect directly to your machine to monitor aspects of its performance, enable this option. You need the pcp package installed for this option to be useful. services/cfengine.xml000064400000000250151477076410010700 0ustar00 CFEngine CFEngine server services/dds-unicast.xml000064400000001663151477076410011351 0ustar00 OMG DDS Open Management Group (OMG) Data Distribution Service (DDS) is protocol supporting various applications. It is usally found in control systems. This is the unicast service for domains with ID 0 ito 10 and maximal possible applications (120). Please see https://community.rti.com/content/forum-topic/statically-configure-firewall-let-omg-dds-traffic-through for details. services/ipsec.xml000064400000001577151477076410010242 0ustar00 IPsec Internet Protocol Security (IPsec) is the standardized IETF VPN architecture defined in RFC 4301. IPsec is negotiated using the IKEv1 (RFC 2409) or IKEv2 (RFC 7296) protocol, which in itself uses encryption and authentication. IPsec provides Internet Protocol (IP) packet encryption and authentication. Both IKE and IPsec can be encapsulated in UDP (RFC 3948) or TCP (RFC 8229 to make it easier to traverse NAT. Enabling this service will enable IKE, IPsec and their encapsulation protocols and ports. Note that IKE and IPsec can also be configured to use non-default ports, but this is not common practice. services/klogin.xml000064400000000371151477076410010411 0ustar00 klogin The kerberized rlogin server accepts BSD-style rlogin sessions, but uses Kerberos 5 authentication. services/rtsp.xml000064400000000536151477076410010121 0ustar00 RTSP The Real Time Streaming Protocol (RTSP) is a network control protocol designed for use in entertainment and communications systems to control streaming media servers. services/http3.xml000064400000000520151477076410010164 0ustar00 WWW (HTTP/3) HTTP/3 is a protocol used to serve Web pages that uses QUIC as the transport protocol. If you plan to make your HTTP/3 compatible Web server publicly available, enable this option. services/llmnr-tcp.xml000064400000000632151477076410011036 0ustar00 LLMNR (TCP) Link-Local Multicast Name Resolution (LLMNR) allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local network. This service matches incoming queries; it will allow this host to be resolved by other hosts. services/tinc.xml000064400000000520151477076410010057 0ustar00 tinc VPN tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. services/dns-over-tls.xml000064400000000476151477076410011471 0ustar00 DNS over TLS DNS over TLS (DoT) is a security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol services/syncthing-relay.xml000064400000000636151477076410012252 0ustar00 Syncthing Relay Syncthing is a peer-to-peer file synchronization service. Only enable this option if you run a Syncthing relay server. This separate program (syncthing-relaysrv or relaysrv) is not needed for normal Syncthing usage. services/distcc.xml000064400000000315151477076410010375 0ustar00 distcc Distcc is a protocol used for distributed compilation. services/netdata-dashboard.xml000064400000000363151477076410012474 0ustar00 Netdata Dashboard Netdata dashboard is a place to view the results of the netdata monitoring agent services/wbem-http.xml000064400000000540151477076410011033 0ustar00 wbem-http Web-Based Enterprise Management (WBEM) is a set of systems management technologies developed to unify the management of distributed computing environments. This is the unencrypted protocol variant. services/svn.xml000064400000000347151477076410007737 0ustar00 Subversion The custom, unencrypted protocol used the Subversion Version Control System. services/ws-discovery-tcp.xml000064400000000500151477076410012342 0ustar00 WS-Discovery (TCP) Web Services Dynamic Discovery (WS-Discovery) is a technical specification that defines a multicast discovery protocol to locate services on a local network. services/isns.xml000064400000000546151477076410010106 0ustar00 iSNS The Internet Storage Name Service (iSNS) is a protocol that allows automated discovery, management and configuration of iSCSI and Fibre Channel devices on a TCP/IP network. services/kubelet.xml000064400000000357151477076410010565 0ustar00 Kubernetes Kubelet The kubelet API is used to communicate between kube-scheduler and the node. services/http.xml000064400000000541151477076410010104 0ustar00 WWW (HTTP) HTTP is the protocol used to serve Web pages. If you plan to make your Web server publicly available, enable this option. This option is not required for viewing pages locally or developing Web pages. services/amqp.xml000064400000000421151477076410010060 0ustar00 amqp The Advanced Message Queuing Protocol (AMQP) is an open standard application layer protocol for message-oriented middleware. services/ovirt-imageio.xml000064400000000404151477076410011676 0ustar00 oVirt Image I/O oVirt Image I/O simplifies the workflow of introducing new oVirt images into the oVirt environment. services/managesieve.xml000064400000000535151477076410011414 0ustar00 ManageSieve The ManageSieve Protocol allows a local client to manage eMail sieve scripts on a remote server. If you plan to provide a ManageSieve service (e.g. with dovecot pigeonhole), enable this option. services/condor-collector.xml000064400000000404151477076410012373 0ustar00 HT Condor Collector The HT Condor Collector is needed to organize the condor worker nodes. services/nut.xml000064400000000560151477076410007734 0ustar00 NUT Network UPS Tools (NUT) is a protocol that allows to monitor and control power devices like uninterruptible power supplies. services/freeipa-replication.xml000064400000000362151477076410013050 0ustar00 FreeIPA replication (deprecated) This service is deprecated. Please use freeipa-4 service instead. services/zerotier.xml000064400000000362151477076410010771 0ustar00 ZeroTier ZeroTier creates secure networks between on-premise, cloud, desktop, and mobile devices. services/xmpp-client.xml000064400000000750151477076410011367 0ustar00 XMPP (Jabber) client Extensible Messaging and Presence Protocol (XMPP) client connection protocol allows XMPP (Jabber) clients such as Empathy, Pidgin, Kopete and Jitsi to connect to an XMPP (Jabber) server. Enable this if you run an XMPP (Jabber) server and you wish clients to be able to connect to the server and communicate with each other. services/tentacle.xml000064400000000374151477076410010730 0ustar00 tentacle Tentacle is a protocol for monitoring computer networks. Pandora FMS is one server implementation. services/transmission-client.xml000064400000000364151477076410013135 0ustar00 Transmission Transmission is a lightweight BitTorrent client. services/ftp.xml000064400000000551151477076410007717 0ustar00 FTP FTP is a protocol used for remote file transfer. If you plan to make your FTP server publicly available, enable this option. You need the vsftpd package installed for this option to be useful. services/openvpn.xml000064400000000517151477076410010615 0ustar00 OpenVPN OpenVPN is a virtual private network (VPN) solution. It is used to create encrypted point-to-point tunnels between computers. If you plan to provide a VPN service, enable this option. services/ovirt-storageconsole.xml000064400000000527151477076410013321 0ustar00 oVirt Storage-Console oVirt Storage Console is a web-based storage management platform specially designed to efficiently manage oVirt's storage-defined storage. services/vdsm.xml000064400000001121151477076410010071 0ustar00 oVirt's Virtual Desktop and Server Manager The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. services/cockpit.xml000064400000000323151477076410010557 0ustar00 Cockpit Cockpit lets you access and configure your server remotely. services/warpinator.xml000064400000000673151477076410011321 0ustar00 Warpinator Warpinator is a file sharing app developed by Linux Mint. Warpinator allows you to send and receive files between computers that are on the same network without the need for any servers or special configuration. services/libvirt-tls.xml000064400000000601151477076410011375 0ustar00 Virtual Machine Management (TLS) Enable this option if you want to allow remote virtual machine management with TLS encryption, x509 certificates and optional SASL authentication. The libvirtd service is needed for this option to be useful. services/syncthing.xml000064400000000536151477076410011137 0ustar00 Syncthing Syncthing is a peer-to-peer file synchronization service. Enable this option, if you plan to run the Syncthing service. services/pmwebapi.xml000064400000000714151477076410010733 0ustar00 Performance metrics web API (pmwebapi) This option allows web clients to use PCP (Performance Co-Pilot) monitoring services. If you need to allow remote web clients to connect to your machine to monitor aspects of its performance, enable this option. You need the pcp package installed for this option to be useful. services/kprop.xml000064400000000266151477076410010264 0ustar00 kprop Kerberos KDC Propagation Protocol services/syncthing-gui.xml000064400000000451151477076410011715 0ustar00 Syncthing GUI Enable this option in addition to the Syncthing option to allow traffic to the Syncthing web interface. (Be sure to secure it accordingly). services/kadmin.xml000064400000000266151477076410010374 0ustar00 kadmin Kerberos Administration Protocol services/wsman.xml000064400000000474151477076410010257 0ustar00 wsman Web Services for Management (WSMAN) is a protocol for managing PCs, servers, devices, Web services and other applications. This variant of the protocol is unencrypted services/plex.xml000064400000001545151477076410010102 0ustar00 PLEX Plex Media Server (PMS) is the back-end media server component of Plex. It organizes content from personal media libraries and streams it to the network. services/collectd.xml000064400000000450151477076410010715 0ustar00 Collectd Collectd is a monitoring system that allows metrics to be sent over the network. This rule allows incoming collectd traffic from remote boxes. services/ws-discovery.xml000064400000000545151477076410011567 0ustar00 WS-Discovery Web Services Dynamic Discovery (WS-Discovery) is a technical specification that defines a multicast discovery protocol to locate services on a local network. services/pmwebapis.xml000064400000001040151477076410011107 0ustar00 Secure performance metrics web API (pmwebapis) This option allows web clients to use PCP (Performance Co-Pilot) monitoring services over a secure connection. If you need to allow remote web clients to connect to your machine to monitor aspects of its performance, and you consider that information to be sensitive, enable this option. You need the pcp package installed for this option to be useful. services/ovirt-vmconsole.xml000064400000000353151477076410012274 0ustar00 oVirt VM Console oVirt VM Consoles enables secure access to virtual machine serial console. services/nebula.xml000064400000000465151477076410010400 0ustar00 Nebula Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. The port needs to be open if the host is set as lighthouse. services/ps2link.xml000064400000000406151477076410010507 0ustar00 ps2link ps2link is a protocol used for interacting with a PlayStation 2 system. services/freeipa-4.xml000064400000001305151477076410010700 0ustar00 FreeIPA 4 server FreeIPA is an integrated identity and authentication solution with Kerberos, LDAP, PKI, and web UI. Enable this option if you plan to provide a FreeIPA server. Enable the 'dns' service if this FreeIPA server provides DNS services, 'ntp' service if this FreeIPA server provides NTP services, and 'freeipa-trust' for cross-forest trusts with Active Directory. services/git.xml000064400000000324151477076410007707 0ustar00 git The git daemon for supporting git:// access to git repositories. services/kube-nodeport-services.xml000064400000000340151477076410013521 0ustar00 Kubernetes Kubelet Services of type NodePort expose a port on each worker services/postgresql.xml000064400000000265151477076410011333 0ustar00 PostgreSQL PostgreSQL Database Server services/wbem-https.xml000064400000000466151477076410011225 0ustar00 wbem-https Web-Based Enterprise Management (WBEM) is a set of systems management technologies developed to unify the management of distributed computing environments services/pmproxy.xml000064400000000732151477076410010645 0ustar00 Performance metrics proxy (pmproxy) This option allows indirect PCP (Performance Co-Pilot) monitoring via a proxy. If you need to allow remote hosts to connect through your machine to monitor aspects of performance of one or more proxied hosts, enable this option. You need the pcp package installed for this option to be useful. services/kibana.xml000064400000000600151477076410010346 0ustar00 Kibana Kibana is an open source data visualization platform that allows you to interact with your data through stunning, powerful graphics that can be combined into custom dashboards that help you share insights from your data far and wide. services/llmnr-client.xml000064400000000724151477076410011530 0ustar00 LLMNR Client Link-Local Multicast Name Resolution (LLMNR) allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local network. This service allows incoming LLMNR responses. Due to protocol details the service matches by source port and thus allows unsolicited responses.

services/nfs3.xml000064400000000526151477076410010001 0ustar00 NFS3 The NFS3 protocol is used to share files. You will need to have the NFS tools installed and properly configure your NFS server for this option to be useful. services/lightning-network.xml000064400000000415151477076410012577 0ustar00 Lightning Network The default port used by Lightning Network. Enable this option if you plan to be a Lightning Network node. services/apcupsd.xml000064400000000435151477076410010566 0ustar00 apcupsd The American Power Conversion (APC) uninterruptible power supply (UPS) daemon protocol allows to monitor and control APC UPS devices. services/gpsd.xml000064400000000626151477076410010066 0ustar00 gpsd gpsd is a service daemon that monitors one or more GPSes or AIS receivers attached to a host computer through serial or USB ports, making all data on the location/course/velocity of the sensors available to be queried on TCP port 2947 of the host computer. services/rpc-bind.xml000064400000000326151477076410010624 0ustar00 rpc-bind Remote Procedure Call Bind services/kerberos.xml000064400000000351151477076410010740 0ustar00 Kerberos Kerberos network authentication protocol server services/privoxy.xml000064400000000775151477076410010656 0ustar00 Privoxy - A Privacy Enhancing Proxy Server Privoxy is a web proxy for enhancing privacy by filtering web page content, managing cookies, controlling access, removing ads, banners, pop-ups and other obnoxious Internet junk. It does not cache web content. Enable this if you run Privoxy and would like to configure your web browser to browse the Internet via Privoxy. services/bacula-client.xml000064400000000500151477076410011623 0ustar00 Bacula Client This option allows a Bacula server to connect to the local machine to schedule backups. You need the bacula-client package installed for this option to be useful. services/samba.xml000064400000000576151477076410010220 0ustar00 Samba This option allows you to access and participate in Windows file and printer sharing networks. You need the samba package installed for this option to be useful. services/irc.xml000064400000000367151477076410007710 0ustar00 IRC An IRCd, short for Internet Relay Chat daemon, is server software that implements the IRC protocol. services/sip.xml000064400000000760151477076410007723 0ustar00 SIP The Session Initiation Protocol (SIP) is a communications protocol for signaling and controlling multimedia communication sessions. The most common applications of SIP are in Internet telephony for voice and video calls, as well as instant messaging, over Internet Protocol (IP) networks. services/ctdb.xml000064400000000450151477076410010040 0ustar00 CTDB CTDB is a cluster implementation of the TDB database used by Samba and other projects to store temporary data. services/https.xml000064400000000700151477076410010264 0ustar00 Secure WWW (HTTPS) HTTPS is a modified HTTP used to serve Web pages when security is important. Examples are sites that require logins like stores or web mail. This option is not required for viewing pages locally or developing Web pages. You need the httpd package installed for this option to be useful. services/tftp.xml000064400000000650151477076410010103 0ustar00 TFTP The Trivial File Transfer Protocol (TFTP) is a protocol used to transfer files to and from a remote machine in a simple way. It is normally used only for booting diskless workstations and also to transfer data in the Preboot eXecution Environment (PXE). services/proxy-dhcp.xml000064400000000405151477076410011221 0ustar00 Proxy DHCP PXE redirection service (Proxy DHCP) responds to PXE clients and provides redirection to PXE boot servers. services/squid.xml000064400000000255151477076410010254 0ustar00 squid Squid HTTP proxy server services/dhcpv6.xml000064400000000352151477076410010317 0ustar00 DHCPv6 This allows a DHCPv6 server to accept messages from DHCPv6 clients and relay agents. services/steam-streaming.xml000064400000001167151477076410012232 0ustar00 Steam In-Home Streaming Steam in-home streaming allows you to play a game on one computer when the game process is actually running on another computer elsewhere in your home. Through Steam, game audio and video is captured on the remote computer and sent to the player's computer. The game input (keyboard, mouse or gamepad) is sent from the player's computer to the game process on the remote computer. services/wireguard.xml000064400000000435151477076410011120 0ustar00 WireGuard WireGuard is the simple, fast and modern VPN. The port needs to be open if a peer has this host explicitly configured as endpoint. services/murmur.xml000064400000000362151477076410010455 0ustar00 Murmur Murmur is the server of the Mumble VoIP chat system. services/kube-scheduler-secure.xml000064400000000510151477076410013307 0ustar00 Kubernetes Scheduler - secure The Kubernetes scheduler is a policy-rich, topology-aware, workload-specific function that significantly impacts availability, performance, and capacity. services/cratedb.xml000064400000000527151477076410010535 0ustar00 CrateDB CrateDB is a distributed SQL database management system that integrates a fully searchable document oriented data store. services/kube-worker.xml000064400000000566151477076410011371 0ustar00 Kubernetes Worker Node The Kubernetes Worker Node runs some (or sometimes all) of the workloads of the Kubernetes cluster. There might be NodoPort services associated with these workloads. services/ceph.xml000064400000000511151477076410010041 0ustar00 ceph Ceph is a distributed object store and file system. Enable this option to support Ceph's Object Storage Daemons (OSD), Metadata Server Daemons (MDS), or Manager Daemons (MGR). services/snmptls.xml000064400000000606151477076410010627 0ustar00 Secure SNMP (TLS) Simple Network Management Protocol over TLS/DTLS is an "Internet-standard protocol for managing devices on IP networks" protected by TLS. Enable this service if you run SNMP agent (server). services/finger.xml000064400000000340151477076410010374 0ustar00 finger Finger is a protocol for obtaining information about users on remote hosts. services/kube-apiserver.xml000064400000000464151477076410012055 0ustar00 Kubernetes Api Server The Kubernetes API server validates and configures data for the api objects which include pods, services, replicationcontrollers, and others. services/ntp.xml000064400000000605151477076410007727 0ustar00 Network Time Protocol (NTP) Server The Network Time Protocol (NTP) allows to synchronize computers to a time server. Enable this option, if you are providing a NTP server. You need the ntp or chrony package installed for this option to be useful. services/bacula.xml000064400000000532151477076410010354 0ustar00 Bacula Bacula is a network backup solution. Enable this option, if you plan to provide Bacula backup, file and storage services. services/bitcoin-rpc.xml000064400000000423151477076410011335 0ustar00 Bitcoin RPC Enable this option if you need access to the Bitcoin RPC interface. This is not required when connecting on localhost. services/dds.xml000064400000001076151477076410007703 0ustar00 OMG DDS Open Management Group (OMG) Data Distribution Service (DDS) is protocol supporting various applications. It is usally found in control systems. This is the unicast and multicast service for domains with ID 0 through 10 and maximal possible applications (120). Please see https://community.rti.com/content/forum-topic/statically-configure-firewall-let-omg-dds-traffic-through for details. services/dds-multicast.xml000064400000001725151477076410011707 0ustar00 OMG DDS Open Management Group (OMG) Data Distribution Service (DDS) is protocol supporting various applications. It is usally found in control systems. This is the unicast service for domains with ID 0 to 10 and maximal possible applications (120). Please see https://community.rti.com/content/forum-topic/statically-configure-firewall-let-omg-dds-traffic-through for details. services/redis.xml000064400000000414151477076410010232 0ustar00 redis Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker. services/imap.xml000064400000000507151477076410010055 0ustar00 IMAP The Internet Message Access Protocol(IMAP) allows a local client to access email on a remote server. If you plan to provide a IMAP service (e.g. with dovecot), enable this option. services/rquotad.xml000064400000000325151477076410010604 0ustar00 rquotad Remote Quota Server Daemon services/rdp.xml000064400000000267151477076410007717 0ustar00 rdp Microsoft's Remote Desktop Protocol services/bareos-storage.xml000064400000000474151477076410012047 0ustar00 Bareos Storage Daemon (bareos-sd) This option allows Bareos Director and File Daemons to connect to the local Bareos Storage Daemon to send/receive data and manage volumes. services/syslog.xml000064400000000511151477076410010442 0ustar00 syslog Syslog is a client/server protocol: a logging application transmits a text message to the syslog receiver. The receiver is commonly called syslogd, syslog daemon or syslog server. services/bgp.xml000064400000000523151477076410007675 0ustar00 BGP service listen Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet services/imaps.xml000064400000000564151477076410010243 0ustar00 IMAP over SSL The Internet Message Access Protocol over SSL (IMAPs) allows a local client to access email on a remote server in a secure way. If you plan to provide a IMAP over SSL service (e.g. with dovecot), enable this option. services/ceph-exporter.xml000064400000000336151477076410011714 0ustar00 ceph-exporter The Prometheus module running on Ceph manager to expose metrics. services/grafana.xml000064400000000332151477076410010522 0ustar00 grafana Grafana is an open platform for beautiful analytics and monitoring services/snmptls-trap.xml000064400000000547151477076410011577 0ustar00 Secure SNMPTRAP (TLS) Secure SNMP traps enable an agent to notify the management station of significant events by way of an unsolicited SNMP message. This port is protected by TLS. services/tile38.xml000064400000000335151477076410010236 0ustar00 tile38 Tile38 is a geospatial database, spatial index, and realtime geofence. services/sips.xml000064400000000433151477076410010103 0ustar00 SIP-TLS (SIPS) SIP-TLS is a modified SIP (Session Initiation Protocol) using TLS for secure signaling. services/kube-control-plane-secure.xml000064400000001060151477076410014107 0ustar00 Kubernetes Control-plane Node - secure The Kubernetes Control-plane Node runs all the services of the Kubernetes Control Plane. This includes kube-apiserver, etcd, kube-schedule, kube-controller-manager, cloud-controller-manager, and others services/amanda-k5-client.xml000064400000000653151477076410012143 0ustar00 Amanda Backup Client (kerberized) The Amanda backup client option allows you to connect to a Amanda backup and archiving server. You need the amanda-client package installed for this option to be useful. This service specifically allows krb5 authentication services/kpasswd.xml000064400000000335151477076410010602 0ustar00 Kpasswd Kerberos password (Kpasswd) server services/nfs.xml000064400000000504151477076410007712 0ustar00 NFS4 The NFS4 protocol is used to share files via TCP networking. You will need to have the NFS tools installed and properly configure your NFS server for this option to be useful. services/bitcoin-testnet.xml000064400000000431151477076410012236 0ustar00 Bitcoin testnet The default port used by Bitcoin testnet. Enable this option if you plan to be a Bitcoin full node on the test network. services/ausweisapp2.xml000064400000000664151477076410011376 0ustar00 AusweisApp2 AusweisApp2 is an official government application to provide electronic identification services (eID) in conjunction with an approved electronic identification document such as the german nPA. In order to use your Smartphone as a card reader enable this service. services/ps3netsrv.xml000064400000000255151477076410011076 0ustar00 ps3netsrv PS3 Network Server services/dhcp.xml000064400000000343151477076410010043 0ustar00 DHCP This allows a DHCP server to accept messages from DHCP clients and relay agents. services/pop3.xml000064400000000534151477076410010010 0ustar00 POP-3 The Post Office Protocol version 3 (POP3) is a protocol to retrieve email from a remote server over a TCP/IP connection. Enable this option, if you plan to provide a POP3 service (e.g. with dovecot). services/RH-Satellite-6.xml000064400000001054151477076410011525 0ustar00 Red Hat Satellite 6 Red Hat Satellite 6 is a systems management server that can be used to configure new systems, subscribe to updates, and maintain installations in distributed environments. services/rootd.xml000064400000000516151477076410010256 0ustar00 rootd The (x)rootd server was developed for the root analysis framework to serve root files. However, the server is agnostic to file types and provides POSIX-like access to any type of file. services/upnp-client.xml000064400000000410151477076410011356 0ustar00 UPnP Client Universal Plug and Play client for auto-configuration of network routers (use only in trusted zones).

services/freeipa-ldaps.xml000064400000000751151477076410011644 0ustar00 FreeIPA with LDAPS (deprecated) This service is deprecated. Please use freeipa-4 service instead. services/syslog-tls.xml000064400000000674151477076410011254 0ustar00 syslog-tls Syslog is a client/server protocol: a logging application transmits a text message to the syslog receiver. The receiver is commonly called syslogd, syslog daemon or syslog server. Syslog-tls uses TLS encryption to protect the messages during transport. services/foreman-proxy.xml000064400000000416151477076410011734 0ustar00 foreman-proxy The Smart Proxy is a project which provides a restful API to various sub-systems. services/foreman.xml000064400000000630151477076410010553 0ustar00 foreman Foreman is a complete lifecycle management tool for physical and virtual servers. services/kube-scheduler.xml000064400000000477151477076410012037 0ustar00 Kubernetes Scheduler The Kubernetes scheduler is a policy-rich, topology-aware, workload-specific function that significantly impacts availability, performance, and capacity. services/wsmans.xml000064400000000503151477076410010433 0ustar00 wsmans Web Services for Management (WSMAN) is a protocol for managing PCs, servers, devices, Web services and other applications. This variant of the protocol uses TLS encryption. services/galera.xml000064400000000444151477076410010362 0ustar00 Galera MariaDB-Galera Database Server services/elasticsearch.xml000064400000000522151477076410011736 0ustar00 Elasticsearch Elasticsearch is a distributed, open source search and analytics engine, designed for horizontal scalability, reliability, and easy management. services/synergy.xml000064400000000760151477076410010630 0ustar00 Synergy Synergy lets you easily share your mouse and keyboard between multiple computers, where each computer has its own display. No special hardware is required, all you need is a local area network. Synergy is supported on Windows, Mac OS X and Linux. Redirecting the mouse and keyboard is as simple as moving the mouse off the edge of your screen. services/bareos-filedaemon.xml000064400000000377151477076410012510 0ustar00 Bareos File Daemon (bareos-fd) This option allows a Bareos Director to connect to the local Bareos File Daemon. services/mssql.xml000064400000000252151477076410010263 0ustar00 mssql Microsoft SQL Server services/xmpp-bosh.xml000064400000000775151477076410011053 0ustar00 XMPP (Jabber) web client Extensible Messaging and Presence Protocol (XMPP) web client protocol allows web based chat clients such as JWChat to connect to the XMPP (Jabber) server. This is also known as the Bidirectional-streams Over Synchronous HTTP (BOSH) protocol. Enable this if you run an XMPP (Jabber) server and you wish web clients to connect to your server. services/mysql.xml000064400000000253151477076410010272 0ustar00 MySQL MySQL Database Server services/bittorrent-lsd.xml000064400000000632151477076410012102 0ustar00 BitTorrent Local Peer Discovery (LSD) Local Peer Discovery is a protocol designed to support the discovery of BitTorrent peers on a local area network. Enable this service if you run a BitTorrent client. services/gre.xml000064400000000167151477076410007706 0ustar00 services/prometheus-node-exporter.xml000064400000000342151477076410014110 0ustar00 prometheus-node-exporter The node-exporter agent for Prometheus monitoring system. services/checkmk-agent.xml000064400000000352151477076410011626 0ustar00 checkmk agent The checkmk monitoring agent runs on clients to provide detailed host state. services/mqtt-tls.xml000064400000000450151477076410010711 0ustar00 mqtt-tls The Message Queuing Telemetry Transport (MQTT) is a machine-to-machine connectivity protocol. This variant of the protocol uses TLS encryption. services/ldap.xml000064400000000307151477076410010045 0ustar00 LDAP Lightweight Directory Access Protocol (LDAP) server services/afp.xml000064400000000540151477076410007672 0ustar00 AFP The Apple Filing Protocol (AFP), formerly AppleTalk Filing Protocol, is a proprietary network protocol, and part of the Apple File Service (AFS), that offers file services for macOS and the classic Mac OS. services/kubelet-worker.xml000064400000000324151477076410012066 0ustar00 Kubernetes Worker Node Backwards compatibility after service renaming services/ptp.xml000064400000000650151477076410007731 0ustar00 Precision Time Protocol (PTP) Master The Precision Time Protocol (PTP) allows to synchronize computers to a time master. Enable this option, if you are providing a PTP master. You need the linuxptp package installed for this option to be useful. services/etcd-server.xml000064400000000460151477076410011350 0ustar00 etcd Server etcd implements a distributed key value store that provides a reliably way to store data across a cluster of machines. This is the server side port. services/ircs.xml000064400000000377151477076410010074 0ustar00 IRC TLS/SSL An IRCd, short for Internet Relay Chat daemon, is server software that implements the IRC protocol. services/kube-api.xml000064400000000314151477076410010620 0ustar00 Kubernetes Kubelet Backwards compatibility after service renaming services/bitcoin-testnet-rpc.xml000064400000000463151477076410013025 0ustar00 Bitcoin testnet RPC Enable this option if you need access to the Bitcoin RPC interface running on the testnet. This is not required when connecting on localhost. services/RH-Satellite-6-capsule.xml000064400000000575151477076410013166 0ustar00 Red Hat Satellite 6 Capsule Red Hat Satellite 6 is a systems management server that can be used to configure new systems, subscribe to updates, and maintain installations in distributed environments. services/mqtt.xml000064400000000437151477076410010116 0ustar00 mqtt The Message Queuing Telemetry Transport (MQTT) is a machine-to-machine connectivity protocol. This variant of the protocol is unencrypted. services/telnet.xml000064400000000611151477076410010416 0ustar00 Telnet Telnet is a protocol for logging into remote machines. It is unencrypted, and provides little security from network snooping attacks. Enabling telnet is not recommended. You need the telnet-server package installed for this option to be useful. services/spideroak-lansync.xml000064400000000625151477076410012556 0ustar00 SpiderOak ONE LAN-Sync SpiderOak ONE is online backup and file hosting service that allows users to access, synchronize and share data using a cloud-based server. Enable this option if you use LAN-Sync option of SpiderOak. services/ipp-client.xml000064400000000706151477076410011174 0ustar00 Network Printing Client (IPP) The Internet Printing Protocol (IPP) is used for distributed printing. IPP (over udp) provides the ability to get information about a printer (e.g. capability and status) and to control printer jobs. If you plan to use a remote network printer via cups, do not disable this option. services/xmpp-local.xml000064400000000410151477076410011174 0ustar00 XMPP Link-Local Messaging Serverless XMPP-like communication over local networks based on zero-configuration networking. services/ws-discovery-client.xml000064400000000543151477076410013041 0ustar00 WS-Discovery Client Web Services Dynamic Discovery (WS-Discovery) is a technical specification that defines a multicast discovery protocol to locate services on a local network. Use only in trusted zones.

services/docker-swarm.xml000064400000000607151477076410011526 0ustar00 Docker integrated swarm mode Natively managed cluster of Docker Engines (>=1.12.0), where you deploy services. services/svdrp.xml000064400000000437151477076410010267 0ustar00 SVDRP The Simple Video Disk Recorder Protocol (SVDRP) allows to control video disk recorder functionality. services/snmp.xml000064400000000526151477076410010105 0ustar00 SNMP Simple Network Management Protocol is an "Internet-standard protocol for managing devices on IP networks". Enable this service if you run SNMP agent (server). services/llmnr.xml000064400000001007151477076410010247 0ustar00 LLMNR Link-Local Multicast Name Resolution (LLMNR) allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local network. This service matches incoming queries; it will allow this host to be resolved by other hosts. In order to allow this host to resolve other hosts, use the llmnr-client service. services/ganglia-master.xml000064400000000260151477076410012016 0ustar00 ganglia-master Ganglia collector services/ssdp.xml000064400000000645151477076410010103 0ustar00 Simple Service Discovery Protocol (SSDP) The Simple Service Discovery Protocol (SSDP) is a network protocol based on the Internet protocol suite for advertisement and discovery of network services and presence information. services/llmnr-udp.xml000064400000000717151477076410011044 0ustar00 LLMNR (UDP) Link-Local Multicast Name Resolution (LLMNR) allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local network. This service matches incoming queries; it will allow this host to be resolved by other hosts. services/freeipa-ldap.xml000064400000000750151477076410011460 0ustar00 FreeIPA with LDAP (deprecated) This service is deprecated. Please use freeipa-4 service instead. services/nrpe.xml000064400000000367151477076410010077 0ustar00 NRPE NRPE allows you to execute Nagios plugins on a remote host in as transparent a manner as possible. services/ms-wbt.xml000064400000000264151477076410010340 0ustar00 ms-wbt Microsoft Windows-based Terminal Server services/radius.xml000064400000001010151477076410010404 0ustar00 RADIUS The Remote Authentication Dial In User Service (RADIUS) is a protocol for user authentication over networks. It is mostly used for modem, DSL or wireless user authentication. If you plan to provide a RADIUS service (e.g. with freeradius), enable this option. services/mdns.xml000064400000000650151477076410010067 0ustar00 Multicast DNS (mDNS) mDNS provides the ability to use DNS programming interfaces, packet formats and operating semantics in a small network without a conventional DNS server. If you plan to use Avahi, do not disable this option. services/dropbox-lansync.xml000064400000000344151477076410012250 0ustar00 dropboxlansync Dropbox LAN sync services/ipp.xml000064400000000653151477076410007721 0ustar00 Network Printing Server (IPP) The Internet Printing Protocol (IPP) is used for distributed printing. IPP (over tcp) provides the ability to share printers over the network. Enable this option if you plan to share printers via cups over the network. services/prometheus.xml000064400000000325151477076410011320 0ustar00 prometheus The Prometheus monitoring system and time series database. services/redis-sentinel.xml000064400000000324151477076410012051 0ustar00 redis-sentinel Redis Sentinel provides high availability for Redis. services/docker-registry.xml000064400000000566151477076410012251 0ustar00 Docker Registry Docker Registry is the protocol used to serve Docker images. If you plan to make your Docker Registry server publicly available, enable this option. This option is not required for developing Docker images locally. services/mountd.xml000064400000000323151477076410010431 0ustar00 mountd NFS Mount Lock Daemon services/kube-controller-manager-secure.xml000064400000000441151477076410015127 0ustar00 Kubernetes Controller Manager - Secure The Kubernetes controller manager is a daemon that embeds the core control loops shipped with Kubernetes. services/snmptrap.xml000064400000000464151477076410010775 0ustar00 SNMPTRAP SNMP traps enable an agent to notify the management station of significant events by way of an unsolicited SNMP message. services/tor-socks.xml000064400000001403151477076410011047 0ustar00 Tor - SOCKS Proxy Tor enables online anonymity and censorship resistance by directing Internet traffic through a network of relays. It conceals user's location from anyone conducting network surveillance and traffic analysis. A user wishing to use Tor for anonymity can configure a program such as a web browser to direct traffic to a Tor client using its SOCKS proxy port. Enable this if you run Tor and would like to configure your web browser or other programs to channel their traffic through the Tor SOCKS proxy port. It is recommended that you make this service available only for your computer or your internal networks. services/puppetmaster.xml000064400000000451151477076410011656 0ustar00 Puppet Master Puppet is a network tool for managing many disparate systems. Puppet Master is a server which Puppet Agents pull their configurations from. services/rsh.xml000064400000000466151477076410007727 0ustar00 rsh Rsh is a protocol for logging into remote machines. It is unencrypted, and provides little security from network snooping attacks. Enabling rsh is not recommended. services/nmea-0183.xml000064400000000445151477076410010441 0ustar00 nmea-0183 NMEA-0183 Navigational Data server for use with Global Navigation Satellite System (GNSS) devices. services/iscsi-target.xml000064400000000410151477076410011516 0ustar00 iSCSI target Internet SCSI target is a storage resource located on an iSCSI server. services/kube-controller-manager.xml000064400000000430151477076410013641 0ustar00 Kubernetes Controller Manager The Kubernetes controller manager is a daemon that embeds the core control loops shipped with Kubernetes. services/dhcpv6-client.xml000064400000000461151477076410011574 0ustar00 DHCPv6 Client This option allows a DHCP for IPv6 (DHCPv6) client to obtain addresses and other IPv6 settings from DHCPv6 server. services/pop3s.xml000064400000000545151477076410010175 0ustar00 POP-3 over SSL The Post Office Protocol version 3 (POP3) is a protocol to retrieve email from a remote server over a TCP/IP connection. Enable this option, if you plan to provide a POP3 service (e.g. with dovecot). services/libvirt.xml000064400000000605151477076410010601 0ustar00 Virtual Machine Management Enable this option if you want to allow remote virtual machine management with SASL authentication and encryption (digest-md5 passwords or GSSAPI/Kerberos). The libvirtd service is needed for this option to be useful. services/slp.xml000064400000000453151477076410007725 0ustar00 SLP The Service Location Protocol (SLP) is used for discovering services in a local network without prior configuration. services/amqps.xml000064400000000433151477076410010246 0ustar00 amqps The Advanced Message Queuing Protocol (AMQP) over SSL is an open standard application layer protocol for message-oriented middleware. services/mosh.xml000064400000000731151477076410010074 0ustar00 Mobile shell that supports roaming and intelligent local echo. Mosh is a remote terminal application that supports intermittent network connectivity, roaming to different IP address without dropping the connection, intelligent local echo and line editing to reduct the effects of "network lag" on high-latency connections. services/etcd-client.xml000064400000000460151477076410011320 0ustar00 etcd Client etcd implements a distributed key value store that provides a reliably way to store data across a cluster of machines. This is the client side port. services/samba-client.xml000064400000000523151477076410011464 0ustar00 Samba Client This option allows you to access Windows file and printer sharing networks. You need the samba-client package installed for this option to be useful. services/vnc-server.xml000064400000000733151477076410011222 0ustar00 Virtual Network Computing Server (VNC) A VNC server provides an external accessible X session. Enable this option if you plan to provide a VNC server with direct access. The access will be possible for displays :0 to :3. If you plan to provide access with SSH, do not open this option and use the via option of the VNC viewer. services/nbd.xml000064400000000372151477076410007672 0ustar00 NBD Network Block Device (NBD) is a high-performance protocol for exporting disk images between machines. services/ident.xml000064400000000445151477076410010233 0ustar00 Ident Protocol The Identification Protocol as specified in RFC 1413, which is used to determine the identity of a user of a particular TCP connection. services/mongodb.xml000064400000000355151477076410010555 0ustar00 mongodb MongoDB is a free and open-source cross-platform document-oriented database program. services/ldaps.xml000064400000000350151477076410010226 0ustar00 LDAPS Lightweight Directory Access Protocol (LDAP) over Secure Sockets Layer (SSL) server services/smtps.xml000064400000001101151477076410010264 0ustar00 Mail (SMTP over SSL) This option allows incoming SMTPs mail delivery. If you need to allow remote hosts to connect directly to your machine to deliver mail in a secure way, enable this option. You do not need to enable this if you collect your mail from your ISP's server by POP3 or IMAP, or if you use a tool such as fetchmail. Note that an improperly configured SMTP server can allow remote machines to use your server to send spam. services/ganglia-client.xml000064400000000270151477076410012002 0ustar00 ganglia-client Ganglia monitoring daemon services/salt-master.xml000064400000000511151477076410011356 0ustar00 Salt Master Salt is a protocol used for infrastructure management via a dynamic communication bus. These ports are required on the salt master node. services/amanda-client.xml000064400000000617151477076410011626 0ustar00 Amanda Backup Client The Amanda backup client option allows you to connect to a Amanda backup and archiving server. You need the amanda-client package installed for this option to be useful. services/kubelet-readonly.xml000064400000000364151477076410012376 0ustar00 Kubernetes Kubelet read The kubelet API is used to communicate between kube-scheduler and the node. services/dns.xml000064400000000532151477076410007711 0ustar00 DNS The Domain Name System (DNS) is used to provide and request host and domain names. Enable this option, if you plan to provide a domain name service (e.g. with bind). services/spotify-sync.xml000064400000000423151477076410011573 0ustar00 Spotify Client Sync The Spotify Client allows you to sync local music files with your phone. services/samba-dc.xml000064400000001416151477076410010576 0ustar00 Samba DC This option allows you to use this computer as a Samba Active Directory Domain Controller. You need the samba-dc package installed for this option to be useful. services/kube-control-plane.xml000064400000001031151477076410012621 0ustar00 Kubernetes Control-plane Node The Kubernetes Control-plane Node runs all the services of the Kubernetes Control Plane. This includes kube-apiserver, etcd, kube-schedule, kube-controller-manager, cloud-controller-manager, and others services/sane.xml000064400000000504151477076410010052 0ustar00 SANE network daemon (saned) The SANE (Scanner Access Now Easy) daemon allows remote clients to access image acquisition devices available on the local host. services/ipfs.xml000064400000000473151477076410010072 0ustar00 IPFS The InterPlanetary File System (IPFS) is a peer-to-peer hypermedia protocol designed to make the web faster, safer, and more open ipsets/README.md000064400000000035151477076410007344 0ustar00Location for built-in ipsets