Default Service Configuration Reference Tables
Revised: February 4, 2011, OL-8410-13
Introduction
This chapter describes the default service configuration provided with the Cisco Service Control Application for Broadband (SCA BB). The default service configuration serves as a starting point for creating a service configuration tailored to customers' needs.
•Filter Rules
•Information About Protocols
•Services
•RDR Settings
•Rules
•System Mode
Filter Rules
Filter rules allow you to instruct the Service Control Engine (SCE) platform to ignore some types of flow based on the flow's Layer 3 and Layer 4 properties, and transmit the flows unchanged.
Table 1-1 lists the filter rules defined in the default service configuration.
Table 1-1 Filter Rules
|
|
|
ICMP Filter |
Active |
Applies to ICMP packets, packets bypass the policy engine and are mapped to CoS BE |
DNS (to network) |
Active |
Applies to UDP packets, network-side port is equal to 53, packets bypass the policy engine and are mapped to CoS BE |
DNS (to subscriber) |
Active |
Applies to UDP packets, subscriber-side port is equal to 53, packets bypass the policy engine and are mapped to CoS BE |
net-bios (to network) |
Active |
Applies to UDP packets, network-side port is equal to 137, packets bypass the policy engine and are mapped to CoS BE |
net-bios (to subscriber) |
Active |
Applies to UDP packets, network-side port is equal to 137, packets bypass the policy engine and are mapped to CoS BE |
eDonkey UDP (to network) |
Inactive |
Applies to UDP packets, network-side ports in the range 4661 to 4665, packets bypass the policy engine and are mapped to CoS BE |
eDonkey UDP (to subscriber) |
Inactive |
Applies to UDP packets, subscriber-side ports in the range 4661 to 4665, packets bypass the policy engine and are mapped to CoS BE |
eMule UDP (to network) |
Inactive |
Applies to UDP packets, network-side ports in the range 4670 to 4674, packets bypass the policy engine and are mapped to CoS BE |
eMule UDP (to subscriber) |
Inactive |
Applies to UDP packets, subscriber-side ports in the range 4670 to 4674, packets bypass the policy engine and are mapped to CoS BE |
eMule UDP 2 (to network) |
Inactive |
Applies to UDP packets, network-side ports in the range 5670 to 5674, packets bypass the policy engine and are mapped to CoS BE |
eMule UDP 2 (to subscriber) |
Inactive |
Applies to UDP packets, subscriber-side ports in the range 5670 to 5674, packets bypass the policy engine and are mapped to CoS BE |
eMule UDP 3 (to network) |
Inactive |
Applies to UDP packets, network-side ports in the range 5780 to 5784, packets bypass the policy engine and are mapped to CoS BE |
eMule UDP 3 (to subscriber) |
Inactive |
Applies to UDP packets, subscriber-side ports in the range 5780 to 5784, packets bypass the policy engine and are mapped to CoS BE |
BGP Filter |
Active |
Applies to TCP packets, network-side port is equal to 179, packets bypass the policy engine and are mapped to CoS BE |
DHCP Filter |
Inactive |
Applies to UDP packets, network-side ports in the range 67 to 68, packets bypass the policy engine and are mapped to CoS BE |
OSPF Filter |
Active |
Applies to OSPFIGP packets, packets bypass the policy engine and are mapped to CoS BE |
IS-IS Filter |
Inactive |
Applies to ISIS packets, packets bypass the policy engine and are mapped to CoS BE |
IGRP Filter |
Active |
Applies to IGP packets, packets bypass the policy engine and are mapped to CoS BE |
EIGRP Filter |
Active |
Applies to EIGRP packets, packets bypass the policy engine and are mapped to CoS BE |
HSRP Filter 1 |
Active |
Applies to UDP packets, network-side IP is equal to 224.0.0.2, packets bypass the policy engine and are mapped to CoS BE |
HSRP Filter 2 |
Active |
Applies to UDP packets, network-side port is equal to 1985, packets bypass the policy engine and are mapped to CoS BE |
HSRP Filter 3 |
Active |
Applies to UDP packets, subscriber-side port is equal to 1985, packets bypass the policy engine and are mapped to CoS BE |
RIP Filter 1 |
Active |
Applies to UDP packets, network-side IP is equal to 224.0.0.9, packets bypass the policy engine and are mapped to CoS BE |
RIP Filter 2 |
Active |
Applies to UDP packets, network-side port is equal to 520, packets bypass the policy engine and are mapped to CoS BE |
RIP Filter 3 |
Active |
Applies to UDP packets, subscriber-side port is equal to 520, packets bypass the policy engine and are mapped to CoS BE |
RADIUS Filter |
Inactive |
Applies to UDP packets, network-side port is equal to 1812, packets bypass the policy engine and are mapped to CoS BE |
RADIUS Filter (early deployment) |
Inactive |
Applies to UDP packets, network-side ports in the range 1645 to 1646, packets bypass the policy engine and are mapped to CoS BE |
Information About Protocols
Protocols are divided into four groups:
•Generic Protocols—These protocols are used for transactions that were not mapped to a service by one of the more specific protocol types.
•Signature-Based Protocols—Protocols classified according to a Layer 7 application signature. This group includes the most common protocols, such as HTTP and FTP, and a large group of popular P2P protocols.
•IP Protocols—Protocols (such as ICMP), other than TCP and UDP protocols, identified according to the IP protocol number of the transaction.
•Port-Based Protocols—TCP and UDP protocols that are classified according to their well-known ports. The default configuration includes more than 600 common port-based protocols.
You may add new protocols (for example, to classify a new gaming protocol that uses a specific port) and edit or remove existing ones.
The tables in the following sections list the protocols defined in the default service configuration.
•Generic Protocols
•Signature-Based Protocols
•IP Protocols
•Port-Based Protocols
•Protocols Identified on Unidirectional Flows
Generic Protocols
The three generic protocols (IP, TCP, and UDP) serve as default containers for classifying transactions of the relevant type (IP, TCP, or UDP) that were not classified as belonging to a more specific protocol.
A transaction is classified as belonging to one of the generic protocols if it meets both the following conditions:
•It was not classified as belonging to a signature-based protocol.
•It was not classified as belonging to an IP or port-based protocol that is specifically mapped to a service.
Table 1-2 Generic Protocols
|
|
|
Generic IP |
10 |
Any non-TCP/UDP transaction where the related IP protocol is not specifically mapped to a service. |
Generic TCP |
0 |
Any TCP transaction that does not match any signature-based protocol, and where the related port-based protocol (if it exists) is not specifically mapped to a service1. |
Generic UDP |
1 |
Any UDP transaction that does not match any signature-based protocol, and where the related port-based protocol (if it exists) is not specifically mapped to a service. |
Signature-Based Protocols
A transaction is classified as belonging to one of the signature-based protocols if it is carried on the protocol's well-known port or matches the protocol's signature.
Note Table 1-3 only lists signature-based protocols that are not P2P, VoIP, or SIP protocols (these protocols are listed in the following tables). However, the Signature-Based Protocols Filter in the Console lists all signature-based protocols.
Table 1-3 Signature-Based Protocols
|
|
|
|
Audio over HTTP |
1041 |
|
|
Baidu Movie |
1043 |
|
|
Behavioral Upload/Download See note following table. |
127 |
|
|
Binary over HTTP |
1042 |
|
|
CUWorld |
117 |
|
|
Club Box |
1038 |
|
|
DHCP |
33 |
|
|
DHT |
106 |
|
|
DNS |
47 |
|
|
DingoTel |
42 |
|
|
FTP |
4 |
21 |
|
Flash |
2033 |
|
|
Flash YouTube |
2034 |
|
|
Flash MySpace |
2035 |
|
|
Flash Yahoo |
2036 |
|
|
Fring |
1052 |
|
|
Generic Non-Established TCP See note following table |
126 |
|
|
Google Talk |
1030 |
|
|
GoogleEarth |
118 |
|
|
HTTP Browsing |
2 |
80,8080 |
|
HTTP Tunnel |
55 |
|
|
Hopster |
115 |
|
|
ICQ |
119 |
|
|
IRC |
62 |
|
|
Jabber |
116 |
|
|
MMS |
6 |
1755 |
|
MS Push Mail |
1048 |
|
|
Mobile MMS |
46 |
|
|
MyJabber |
1056 |
|
|
Napster |
32 |
|
|
NTP |
54 |
123 |
|
POP3 |
9 |
110 |
|
QQ |
52 |
|
|
RTSP Streaming |
5 |
554, 1554, 7070 |
|
Second Life |
1060 |
|
|
SMTP |
8 |
25 |
|
SSDP |
53 |
|
|
STUN |
114 |
|
|
tftp |
60 |
69 |
69 |
Sling |
112 |
|
|
UC |
48 |
|
|
Video over HTTP |
1040 |
143 |
|
Yahoo Messenger |
40 |
5000-5001 |
5000-5001 |
iTunes |
30 |
|
|
imap |
59 |
143 |
143 |
radius |
738 |
|
|
Note Behavioral Upload/Download—Transactions that have download packet flow characteristics and do not match a more specific signature are classified to this protocol. This protocol applies to downloads both from the network side and from the subscriber side.
Note Generic Non-Established TCP—TCP flows that are not established properly (syn-ack is missing) are mapped to this protocol.
Table 1-4 Signature-Based P2P Protocols
|
|
|
|
Angle Media |
1063 |
|
|
AntsP2P |
113 |
|
|
BBBroadcast |
1058 |
|
|
BBC iPlayer |
1057 |
|
|
BaiBao |
43 |
|
|
Behavioral P2P |
2044 |
|
|
BitTorrent |
24 |
6881-6889 |
|
Dijjer |
120 |
|
|
DirectConnect |
19 |
411-413 |
|
Entropy |
125 |
|
|
Exosee |
121 |
|
|
FastTrack KaZaA File Transfer |
14 |
|
|
FastTrack KaZaA Networking |
13 |
1214 |
|
Feidian |
1037 |
|
|
Filetopia |
31 |
|
|
Freenet |
107 |
|
|
Furthur |
123 |
|
|
Gnutella File Transfer |
12 |
|
|
Gnutella Networking |
11 |
6346-6349 |
|
Hotline |
20 |
|
|
Joost |
1046 |
|
|
Konspire2b |
2031 |
6085 |
6085 |
Kontiki |
124 |
|
|
KuGoo |
1050 |
|
|
Manolito |
22 |
|
|
Mute |
34 |
|
|
NeoNet |
37 |
|
|
NodeZilla |
35 |
|
|
PacketiX |
1059 |
|
|
Pando |
1049 |
|
|
PeerEnabler |
122 |
|
|
Poco |
51 |
|
|
PPLive |
44 |
|
|
PPStream |
1074 |
|
|
QQ-Live |
2032 |
|
|
Rodi |
111 |
|
|
Share |
27 |
|
|
SopCast |
1064 |
|
|
Soulseek |
29 |
|
|
TVAnts |
109 |
|
|
Thunder |
50 |
|
|
Warez/FileCroc |
39 |
|
|
Waste |
36 |
|
|
WebThunder |
1055 |
|
|
WinMX/OpenNap |
16 |
6257, 6699 |
6257 |
Winny |
17 |
7742-7745, 7773 |
|
Zattoo |
1047 |
|
|
eDonkey |
18 |
4661-4665, 4672-4673, 4711, 5662, 5773, 5783 |
4661-4665, 4672-4673, 4711, 5662, 5773, 5783 |
EmuleEncrypted |
105 |
|
|
guruguru |
66 |
|
|
kuro |
67 |
|
|
soribada |
69 |
|
|
Table 1-5 Signature-Based VoIP Protocols
|
|
|
|
Behavioral SkypeIn |
2085 |
|
|
Behavioral SkypeOut |
2086 |
|
|
Behavioral VoIP |
1062 |
|
|
CUWorld Voice |
2072 |
|
|
CUWorld over RTP Voice |
2109 |
|
|
DingoTel |
42 |
|
|
Fring VoIP |
1053 |
|
|
Google Talk Voice |
2073 |
|
|
H323 |
28 |
1720 |
|
ICQ VoIP |
110 |
|
|
MGCP |
38 |
|
2427, 2727 |
MSN Messenger Video |
2113 |
|
|
MSN Messenger VoIP |
1054 |
|
|
NateOn |
1077 |
|
|
Naver |
1076 |
|
|
PTT Winphoria |
61 |
|
|
Primus |
108 |
|
|
QQ Voice |
2074 |
|
|
RTP |
57 |
|
|
SIP |
23 |
5060-5061 |
5060-5061 |
Skinny |
41 |
|
|
Skype |
25 |
|
|
Skype File Transfer |
2114 |
|
|
Skype VoIP |
2115 |
|
|
TeamSpeak |
1070 |
|
|
UC Voice |
2076 |
|
|
Vivox |
1061 |
|
|
Yahoo Messenger Video |
2112 |
|
|
Yahoo Messenger VoIP |
45 |
|
|
Yahoo VoIP over SIP |
2039 |
|
|
Note The protocols ICQ VoIP, Primus, SIP, and Yahoo VoIP over SIP are also signature-based SIP protocols.
IP Protocols
Table 1-6 lists the IP protocols supported by SCA BB.
Table 1-6 IP Protocols
|
|
|
0 |
HOPOPT |
756 |
1 |
ICMP |
757 |
2 |
IGMP |
758 |
3 |
GGP |
759 |
4 |
IP |
760 |
5 |
ST |
761 |
6 |
Generic TCP |
0 |
7 |
CBT |
762 |
8 |
EGP |
763 |
9 |
IGP |
764 |
10 |
BBN-RCC-MON |
765 |
11 |
NVP-II |
766 |
12 |
PUP |
767 |
13 |
ARGUS |
768 |
14 |
EMCON |
769 |
15 |
XNET |
770 |
16 |
CHAOS |
771 |
17 |
Generic UDP |
1 |
18 |
MUX |
772 |
19 |
DCN-MEAS |
773 |
20 |
HMP |
774 |
21 |
PRM |
775 |
22 |
XNS-IDP |
776 |
23 |
TRUNK-1 |
777 |
24 |
TRUNK-2 |
778 |
25 |
LEAF-1 |
779 |
26 |
LEAF-2 |
780 |
27 |
RDP |
780 |
28 |
IRTP |
782 |
29 |
ISO-TP4 |
783 |
30 |
NETBLT |
784 |
31 |
MFE-NSP |
785 |
32 |
MERIT-INP |
786 |
33 |
SEP |
787 |
34 |
3PC |
788 |
35 |
IDPR |
789 |
36 |
XTP |
790 |
37 |
DDP |
791 |
38 |
IDPR-CMTP |
792 |
39 |
TP++ |
793 |
40 |
IL |
794 |
41 |
IPv6-Over-IPv4 |
795 |
42 |
SDRP |
796 |
43 |
IPv6-Route |
797 |
44 |
IPv6-Frag |
798 |
45 |
IDRP |
799 |
46 |
RSVP |
800 |
47 |
GRE |
801 |
48 |
MHRP |
802 |
49 |
BNA |
803 |
50 |
ESP |
804 |
51 |
AH |
805 |
52 |
I-NLSP |
806 |
53 |
SWIPE |
807 |
54 |
NARP |
808 |
55 |
MOBILE |
809 |
56 |
TLSP |
810 |
57 |
SKIP |
811 |
58 |
IPv6-ICMP |
812 |
59 |
IPv6-NoNxt |
813 |
60 |
IPv6-Opts |
814 |
61 |
any host internal protocol |
815 |
62 |
CFTP |
816 |
63 |
any local network |
817 |
64 |
SAT-EXPAK |
818 |
65 |
KRYPTOLAN |
819 |
66 |
RVD |
820 |
67 |
IPPC |
821 |
68 |
any distributed file system |
822 |
69 |
SAT-MON |
823 |
70 |
VISA |
824 |
71 |
IPCV |
825 |
72 |
CPNX |
826 |
73 |
CPHB |
827 |
74 |
WSN |
828 |
75 |
PVP |
829 |
76 |
BR-SAT-MON |
830 |
77 |
SUN-ND |
831 |
78 |
WB-MON |
832 |
79 |
WB-EXPAK |
833 |
80 |
ISO-IP |
834 |
81 |
VMTP |
835 |
82 |
SECURE-VMTP |
836 |
83 |
VINES |
837 |
84 |
TTP |
838 |
85 |
NSFNET-IGP |
839 |
86 |
DGP |
840 |
87 |
TCF |
841 |
88 |
EIGRP |
842 |
89 |
OSPFIGP |
843 |
90 |
Sprite-RPC |
844 |
91 |
LARP |
845 |
92 |
MTP |
846 |
93 |
AX.25 |
847 |
94 |
IPIP |
848 |
95 |
MICP |
849 |
96 |
SCC-SP |
850 |
97 |
ETHERIP |
851 |
98 |
ENCAP |
852 |
99 |
any private encryption scheme |
853 |
100 |
GMTP |
854 |
101 |
IFMP |
855 |
102 |
PNNI |
856 |
103 |
PIM |
857 |
104 |
ARIS |
858 |
105 |
SCPS |
859 |
106 |
QNX |
860 |
107 |
A/N |
861 |
108 |
IPComp |
862 |
109 |
SNP |
863 |
110 |
Compaq-Peer |
864 |
111 |
IPX-in-IP |
865 |
112 |
VRRP |
866 |
113 |
PGM |
867 |
114 |
any 0-hop protocol |
868 |
115 |
L2TP |
869 |
116 |
DDX |
870 |
117 |
IATP |
871 |
118 |
STP |
872 |
119 |
SRP |
873 |
120 |
UTI |
874 |
121 |
SMP |
875 |
122 |
SM |
876 |
123 |
PTP |
877 |
124 |
ISIS |
878 |
125 |
FIRE |
879 |
126 |
CRTP |
880 |
Port-Based Protocols
Table 1-7 lists the TCP/UDP port-based protocols defined in the SCA BB default service configuration.
Table 1-7 Port-Based Protocols
|
|
|
|
MMS |
6 |
|
1755 |
NNTP |
15 |
119 |
|
WinMX/OpenNap |
16 |
6257,6699 |
6257 |
Winny |
17 |
7742-7745, 7773 |
|
Bittorrent |
24 |
6881 - 6889 |
|
MGCP |
38 |
|
2427 |
Yahoo Messenger |
40 |
5000-5001 |
5000-5001 |
imap |
59 |
143 |
143 |
IRC |
62 |
194, 6665-6669 |
194, 6665-6669 |
epmap |
128 |
135 |
135 |
profile |
129 |
136 |
136 |
netbios-ns |
130 |
137 |
137 |
netbios-dgm |
131 |
138 |
138 |
netbios-ssn |
132 |
139 |
139 |
emfis-data |
133 |
140 |
140 |
emfis-cntl |
134 |
141 |
141 |
bl-idm |
135 |
142 |
142 |
uma |
137 |
144 |
144 |
uaac |
138 |
145 |
145 |
iso-tp0 |
139 |
146 |
146 |
iso-ip |
140 |
147 |
147 |
jargon |
141 |
148 |
148 |
aed-512 |
142 |
149 |
149 |
sql-net |
143 |
150 |
150 |
hems |
144 |
151 |
151 |
bftp |
145 |
152 |
152 |
sgmp |
146 |
153 |
153 |
netsc-prod |
147 |
154 |
154 |
netsc-dev |
148 |
155 |
155 |
sqlsrv |
149 |
156 |
156 |
knet-cmp |
150 |
157 |
157 |
nss-routing |
152 |
159 |
159 |
sgmp-traps |
153 |
160 |
160 |
snmp |
154 |
161 |
161 |
snmptrap |
155 |
162 |
162 |
cmip-man |
156 |
163 |
163 |
cmip-agent |
157 |
164 |
164 |
xns-courier |
158 |
165 |
165 |
s-net |
159 |
166 |
166 |
namp |
160 |
167 |
167 |
rsvd |
161 |
168 |
168 |
send |
162 |
169 |
169 |
print-srv |
163 |
170 |
170 |
multiplex |
164 |
171 |
171 |
cl/1 |
165 |
172 |
172 |
xyplex-mux |
166 |
173 |
173 |
mailq |
167 |
174 |
174 |
vmnet |
168 |
175 |
175 |
genrad-mux |
169 |
176 |
176 |
xdmcp |
170 |
177 |
177 |
nextstep |
171 |
178 |
178 |
bgp |
172 |
179 |
179 |
ris |
173 |
180 |
180 |
unify |
174 |
181 |
181 |
audit |
175 |
182 |
182 |
audit |
176 |
183 |
183 |
ocserver |
177 |
184 |
184 |
remote-kis |
178 |
185 |
185 |
kis |
179 |
186 |
186 |
aci |
180 |
187 |
187 |
mumps |
181 |
188 |
188 |
qft |
182 |
189 |
189 |
gacp |
183 |
190 |
190 |
prospero |
184 |
191 |
191 |
osu-nms |
185 |
192 |
192 |
srmp |
186 |
193 |
193 |
dn6-nlm-aud |
188 |
195 |
195 |
dn6-smm-red |
189 |
196 |
196 |
dls |
190 |
197 |
197 |
dls-mon |
191 |
198 |
198 |
smux |
192 |
199 |
199 |
src |
193 |
200 |
200 |
at-rtmp |
194 |
201 |
201 |
at-nbp |
195 |
202 |
202 |
at-3 |
196 |
203 |
203 |
at-echo |
197 |
204 |
204 |
at-5 |
198 |
205 |
205 |
at-zis |
199 |
206 |
206 |
at-7 |
200 |
207 |
207 |
at-8 |
201 |
208 |
208 |
qmtp |
202 |
209 |
209 |
z39.50 |
203 |
210 |
210 |
914c/g |
204 |
211 |
211 |
anet |
205 |
212 |
212 |
ipx |
206 |
213 |
213 |
vmpwscs |
207 |
214 |
214 |
softpc |
208 |
215 |
215 |
CAIlic |
209 |
216 |
216 |
dbase |
210 |
217 |
217 |
mpp |
211 |
218 |
218 |
uarps |
212 |
219 |
219 |
imap3 |
213 |
220 |
220 |
fln-spx |
214 |
221 |
221 |
rsh-spx |
215 |
222 |
222 |
cdc |
216 |
223 |
223 |
masqdialer |
217 |
224 |
224 |
direct |
218 |
242 |
242 |
sur-meas |
219 |
243 |
243 |
inbusiness |
220 |
244 |
244 |
link |
221 |
245 |
245 |
dsp3270 |
222 |
246 |
246 |
bhfhs |
224 |
248 |
248 |
set |
225 |
257 |
257 |
yak-chat |
226 |
258 |
258 |
esro-gen |
227 |
259 |
259 |
openport |
228 |
260 |
260 |
nsiiops |
229 |
261 |
261 |
arcisdms |
230 |
262 |
262 |
hdap |
231 |
263 |
263 |
bgmp |
232 |
264 |
264 |
x-bone-ctl |
233 |
265 |
265 |
sst |
234 |
266 |
266 |
td-service |
235 |
267 |
267 |
td-replica |
236 |
268 |
268 |
http-mgmt |
237 |
280 |
280 |
personal-link |
238 |
281 |
281 |
cableport-ax |
239 |
282 |
282 |
rescap |
240 |
283 |
283 |
corerjd |
241 |
284 |
284 |
fxp-1 |
242 |
286 |
286 |
k-block |
243 |
287 |
287 |
novastorbakcup |
244 |
308 |
308 |
entrusttime |
245 |
309 |
309 |
bhmds |
246 |
310 |
310 |
asip-webadmin |
247 |
311 |
311 |
vslmp |
248 |
312 |
312 |
magenta-logic |
249 |
313 |
313 |
opalis-robot |
250 |
314 |
314 |
dpsi |
251 |
315 |
315 |
decauth |
252 |
316 |
316 |
zannet |
253 |
317 |
317 |
pkix-timestamp |
254 |
318 |
318 |
ptp-event |
255 |
319 |
319 |
ptp-general |
256 |
320 |
320 |
pip |
257 |
321 |
321 |
rtsps |
258 |
322 |
322 |
texar |
259 |
333 |
333 |
pdap |
260 |
344 |
344 |
pawserv |
261 |
345 |
345 |
zserv |
262 |
346 |
346 |
fatserv |
263 |
347 |
347 |
csi-sgwp |
264 |
348 |
348 |
mftp |
265 |
349 |
349 |
matip-type-a |
266 |
350 |
350 |
matip-type-b |
267 |
351 |
351 |
dtag-ste-sb |
268 |
352 |
352 |
ndsauth |
269 |
353 |
353 |
bh611 |
270 |
354 |
354 |
datex-asn |
271 |
355 |
355 |
cloanto-net-1 |
272 |
356 |
356 |
bhevent |
273 |
357 |
357 |
shrinkwrap |
274 |
358 |
358 |
nsrmp |
275 |
359 |
359 |
scoi2odialog |
276 |
360 |
360 |
semantix |
277 |
361 |
361 |
srssend |
278 |
362 |
362 |
rsvp_tunnel |
279 |
363 |
363 |
aurora-cmgr |
280 |
364 |
364 |
dtk |
281 |
365 |
365 |
odmr |
282 |
366 |
366 |
mortgageware |
283 |
367 |
367 |
qbikgdp |
284 |
368 |
368 |
rpc2portmap |
285 |
369 |
369 |
codaauth2 |
286 |
370 |
370 |
clearcase |
287 |
371 |
371 |
ulistproc |
288 |
372 |
372 |
legent-1 |
289 |
373 |
373 |
legent-2 |
290 |
374 |
374 |
hassle |
291 |
375 |
375 |
nip |
292 |
376 |
376 |
tnETOS |
293 |
377 |
377 |
dsETOS |
294 |
378 |
378 |
is99c |
295 |
379 |
379 |
is99s |
296 |
380 |
380 |
hp-collector |
297 |
381 |
381 |
hp-managed-node |
298 |
381 |
382 |
hp-alarm-mgr |
299 |
383 |
383 |
arns |
300 |
384 |
384 |
ibm-app |
301 |
385 |
385 |
asa |
302 |
386 |
386 |
aurp |
303 |
387 |
387 |
unidata-ldm |
304 |
388 |
388 |
ldap |
305 |
|
389 |
uis |
306 |
390 |
390 |
synotics-relay |
307 |
391 |
391 |
synotics-broker |
308 |
392 |
392 |
meta5 |
309 |
393 |
393 |
embl-ndt |
310 |
394 |
394 |
netware-ip |
311 |
396 |
396 |
mptn |
312 |
397 |
397 |
kryptolan |
313 |
398 |
398 |
iso-tsap-c2 |
314 |
399 |
399 |
work-sol |
315 |
400 |
400 |
ups |
316 |
401 |
401 |
genie |
317 |
402 |
402 |
decap |
318 |
403 |
403 |
nced |
319 |
404 |
404 |
ncld |
320 |
405 |
405 |
imsp |
321 |
406 |
406 |
timbuktu |
322 |
407 |
407 |
prm-sm |
323 |
408 |
408 |
prm-nm |
324 |
409 |
409 |
decladebug |
325 |
410 |
410 |
rmt |
326 |
|
411 |
synoptics-trap |
327 |
|
412 |
smsp |
328 |
|
413 |
infoseek |
329 |
414 |
414 |
bnet |
330 |
415 |
415 |
silverplatter |
331 |
416 |
416 |
onmux |
332 |
417 |
417 |
hyper-g |
333 |
418 |
418 |
ariel1 |
334 |
419 |
419 |
smpte |
335 |
420 |
420 |
ariel2 |
336 |
421 |
421 |
ariel3 |
337 |
422 |
422 |
opc-job-start |
338 |
423 |
423 |
opc-job-track |
339 |
424 |
424 |
icad-el |
340 |
425 |
425 |
smartsdp |
341 |
426 |
426 |
svrloc |
342 |
427 |
427 |
ocs_cmu |
343 |
428 |
428 |
ocs_amu |
344 |
429 |
429 |
utmpsd |
345 |
430 |
430 |
utmpcd |
346 |
431 |
431 |
iasd |
347 |
432 |
432 |
nnsp |
348 |
433 |
433 |
mobileip-agent |
349 |
434 |
434 |
mobilip-mn |
350 |
435 |
435 |
dna-cml |
351 |
436 |
436 |
comscm |
352 |
437 |
437 |
dsfgw |
353 |
438 |
438 |
dasp |
354 |
439 |
439 |
sgcp |
355 |
440 |
440 |
decvms-sysmgt |
356 |
441 |
441 |
cvc_hostd |
357 |
442 |
442 |
https |
358 |
443 |
|
snpp |
359 |
444 |
444 |
microsoft-ds |
360 |
445 |
445 |
ddm-rdb |
361 |
446 |
446 |
ddm-dfm |
362 |
447 |
447 |
ddm-ssl |
363 |
448 |
448 |
as-servermap |
364 |
449 |
449 |
tserver |
365 |
450 |
450 |
sfs-smp-net |
366 |
451 |
451 |
sfs-config |
367 |
452 |
452 |
creativeserver |
368 |
453 |
453 |
contentserver |
369 |
454 |
454 |
creativepartnr |
370 |
455 |
455 |
scohelp |
371 |
457 |
457 |
appleqtc |
372 |
458 |
458 |
ampr-rcmd |
373 |
459 |
459 |
skronk |
374 |
460 |
460 |
datasurfsrv |
375 |
461 |
461 |
datasurfsrvsec |
376 |
462 |
462 |
alpes |
377 |
463 |
463 |
kpasswd |
378 |
464 |
464 |
url-rendezvous |
379 |
465 |
465 |
digital-vrc |
380 |
466 |
466 |
mylex-mapd |
381 |
467 |
467 |
photuris |
382 |
468 |
468 |
rcp |
383 |
469 |
469 |
scx-proxy |
384 |
470 |
470 |
mondex |
385 |
471 |
471 |
ljk-login |
386 |
472 |
472 |
hybrid-pop |
387 |
473 |
473 |
tn-tl-w1 |
388 |
474 |
|
tn-tl-w2 |
389 |
|
474 |
tn-tl-fd1 |
380 |
476 |
476 |
ss7ns |
391 |
477 |
477 |
spsc |
392 |
478 |
478 |
iafserver |
393 |
479 |
479 |
iafdbase |
394 |
480 |
480 |
ph |
395 |
481 |
481 |
bgs-nsi |
396 |
482 |
482 |
ulpnet |
397 |
483 |
483 |
integra-sme |
398 |
484 |
484 |
powerburst |
399 |
485 |
485 |
avian |
400 |
486 |
486 |
saft |
401 |
487 |
487 |
gss-http |
402 |
488 |
488 |
nest-protocol |
403 |
489 |
489 |
micom-pfs |
404 |
490 |
490 |
go-login |
405 |
491 |
491 |
ticf-1 |
406 |
492 |
492 |
ticf-2 |
407 |
493 |
493 |
pov-ray |
408 |
494 |
494 |
intecourier |
409 |
495 |
495 |
pim-rp-disc |
410 |
496 |
496 |
dantz |
411 |
497 |
497 |
siam |
412 |
498 |
498 |
iso-ill |
413 |
499 |
499 |
isakmp |
414 |
500 |
500 |
stmf |
415 |
501 |
501 |
asa-appl-proto |
416 |
502 |
502 |
intrinsa |
417 |
503 |
503 |
citadel |
418 |
504 |
504 |
mailbox-lm |
419 |
505 |
505 |
ohimsrv |
420 |
506 |
506 |
crs |
421 |
507 |
507 |
xvttp |
422 |
508 |
508 |
snare |
423 |
509 |
509 |
fcp |
424 |
510 |
510 |
passgo |
425 |
511 |
511 |
exec |
426 |
512 |
|
biff |
427 |
|
512 |
login |
428 |
513 |
|
who |
429 |
|
513 |
shell |
430 |
514 |
|
syslog |
431 |
|
514 |
printer |
432 |
515 |
515 |
videotex |
433 |
516 |
516 |
talk |
434 |
517 |
517 |
ntalk |
435 |
518 |
518 |
utime |
436 |
519 |
519 |
efs |
437 |
520 |
|
router |
438 |
|
520 |
ripng |
439 |
521 |
521 |
ulp |
440 |
522 |
522 |
ibm-db2 |
441 |
523 |
523 |
ncp |
442 |
524 |
524 |
timed |
443 |
525 |
525 |
tempo |
444 |
526 |
526 |
stx |
445 |
527 |
527 |
custix |
446 |
528 |
528 |
irc-serv |
447 |
529 |
529 |
courier |
448 |
530 |
530 |
conference |
449 |
531 |
531 |
netnews |
450 |
532 |
532 |
netwall |
451 |
533 |
533 |
mm-admin |
452 |
534 |
534 |
iiop |
453 |
535 |
535 |
opalis-rdv |
454 |
536 |
536 |
nmsp |
455 |
537 |
537 |
gdomap |
456 |
538 |
538 |
apertus-ldp |
457 |
539 |
539 |
uucp |
458 |
540 |
540 |
uucp-rlogin |
459 |
541 |
541 |
commerce |
460 |
542 |
542 |
klogin |
461 |
543 |
543 |
kshell |
462 |
544 |
544 |
appleqtcsrvr |
463 |
545 |
545 |
dhcpv6-client |
464 |
546 |
546 |
dhcpv6-server |
465 |
547 |
547 |
idfp |
466 |
549 |
549 |
new-rwho |
467 |
550 |
550 |
cybercash |
468 |
551 |
551 |
deviceshare |
469 |
552 |
552 |
pirp |
470 |
553 |
553 |
remotefs |
471 |
556 |
556 |
openvms-sysipc |
472 |
557 |
557 |
sdnskmp |
473 |
558 |
558 |
teedtap |
474 |
559 |
559 |
rmonitor |
475 |
560 |
560 |
monitor |
476 |
561 |
561 |
chshell |
477 |
562 |
562 |
nntps |
478 |
563 |
563 |
9pfs |
479 |
564 |
564 |
whoami |
480 |
565 |
565 |
streettalk |
481 |
566 |
566 |
banyan-rpc |
482 |
567 |
567 |
ms-shuttle |
483 |
568 |
568 |
ms-rome |
484 |
569 |
569 |
meter |
485 |
570-571 |
570-571 |
sonar |
486 |
572 |
572 |
banyan-vip |
487 |
573 |
573 |
ftp-agent |
488 |
574 |
574 |
vemmi |
489 |
575 |
575 |
vnas |
491 |
577 |
577 |
ipdd |
492 |
578 |
578 |
decbsrv |
493 |
579 |
579 |
sntp-heartbeat |
494 |
580 |
580 |
bdp |
495 |
581 |
581 |
scc-security |
496 |
582 |
582 |
philips-vc |
497 |
583 |
583 |
keyserver |
498 |
584 |
584 |
imap4-ssl |
499 |
585 |
585 |
password-chg |
500 |
586 |
586 |
submission |
501 |
587 |
587 |
cal |
502 |
588 |
588 |
eyelink |
503 |
589 |
589 |
tns-cml |
504 |
590 |
590 |
http-alt |
505 |
591 |
591 |
eudora-set |
506 |
592 |
592 |
http-rpc-epmap |
507 |
593 |
593 |
tpip |
508 |
594 |
594 |
cab-protocol |
509 |
595 |
595 |
smsd |
510 |
596 |
596 |
ptcnameservice |
511 |
597 |
597 |
sco-websrvrmg3 |
512 |
598 |
598 |
acp |
513 |
599 |
599 |
ipcserver |
514 |
600 |
600 |
urm |
515 |
606 |
606 |
nqs |
516 |
607 |
607 |
sift-uft |
517 |
608 |
608 |
npmp-trap |
518 |
609 |
609 |
npmp-local |
519 |
610 |
610 |
npmp-gui |
520 |
611 |
611 |
hmmp-ind |
521 |
612 |
612 |
hmmp-op |
522 |
613 |
613 |
sshell |
523 |
614 |
614 |
sco-inetmgr |
524 |
615 |
615 |
sco-sysmgr |
525 |
616 |
616 |
sco-dtmgr |
526 |
617 |
617 |
dei-icda |
527 |
618 |
618 |
digital-evm |
528 |
619 |
619 |
sco-websrvrmgr |
529 |
620 |
620 |
escp-ip |
530 |
621 |
621 |
collaborator |
531 |
622 |
622 |
aux_bus_shunt |
532 |
623 |
623 |
cryptoadmin |
533 |
624 |
624 |
dec_dlm |
534 |
625 |
625 |
asia |
535 |
626 |
626 |
passgo-tivoli |
536 |
627 |
627 |
qmqp |
537 |
628 |
628 |
3com-amp3 |
538 |
629 |
629 |
rda |
539 |
630 |
630 |
ipp |
540 |
631 |
631 |
bmpp |
541 |
632 |
632 |
servstat |
542 |
633 |
633 |
ginad |
543 |
634 |
634 |
rlzdbase |
544 |
635 |
635 |
ldaps |
545 |
636 |
636 |
lanserver |
546 |
637 |
637 |
mcns-sec |
547 |
638 |
638 |
msdp |
548 |
639 |
639 |
entrust-sps |
549 |
640 |
640 |
repcmd |
550 |
641 |
641 |
esro-emsdp |
551 |
642 |
642 |
sanity |
552 |
643 |
643 |
dwr |
553 |
644 |
644 |
pssc |
554 |
645 |
645 |
ldp |
555 |
646 |
646 |
dhcp-failover |
556 |
647 |
647 |
rrp |
557 |
648 |
648 |
aminet |
558 |
649 |
659 |
obex |
559 |
650 |
650 |
ieee-mms |
560 |
651 |
651 |
hello-port |
561 |
652 |
652 |
repscmd |
562 |
653 |
653 |
aodv |
563 |
654 |
654 |
tinc |
564 |
655 |
655 |
spmp |
565 |
656 |
656 |
rmc |
566 |
657 |
657 |
tenfold |
567 |
658 |
658 |
mac-srvr-admin |
568 |
660 |
660 |
hap |
569 |
661 |
661 |
pftp |
570 |
662 |
662 |
purenoise |
571 |
663 |
663 |
secure-aux-bus |
572 |
664 |
664 |
sun-dr |
573 |
665 |
665 |
doom |
574 |
666 |
666 |
disclose |
575 |
667 |
667 |
mecomm |
576 |
668 |
668 |
meregister |
577 |
669 |
669 |
vacdsm-sws |
578 |
670 |
670 |
vacdsm-app |
579 |
671 |
671 |
vpps-qua |
580 |
672 |
672 |
cimplex |
581 |
673 |
673 |
acap |
582 |
674 |
674 |
dctp |
583 |
675 |
675 |
vpps-via |
584 |
676 |
676 |
vpp |
585 |
677 |
677 |
ggf-ncp |
586 |
678 |
678 |
mrm |
587 |
679 |
679 |
entrust-aaas |
588 |
680 |
680 |
entrust-aams |
589 |
681 |
681 |
xfr |
590 |
682 |
682 |
corba-iiop |
591 |
683 |
683 |
corba-iiop-ssl |
592 |
684 |
684 |
mdc-portmapper |
593 |
685 |
685 |
hcp-wismar |
594 |
686 |
686 |
asipregistry |
595 |
687 |
687 |
realm-rusd |
596 |
688 |
688 |
nmap |
597 |
689 |
689 |
vatp |
598 |
690 |
690 |
msexch-routing |
599 |
691 |
691 |
hyperwave-isp |
600 |
692 |
692 |
connendp |
601 |
693 |
693 |
ha-cluster |
602 |
694 |
694 |
ieee-mms-ssl |
603 |
695 |
695 |
rushd |
604 |
696 |
696 |
uuidgen |
605 |
697 |
697 |
olsr |
606 |
698 |
698 |
accessnetwork |
607 |
699 |
699 |
elcsd |
608 |
704 |
704 |
agentx |
609 |
705 |
705 |
silc |
610 |
706 |
706 |
borland-dsj |
611 |
707 |
707 |
entrust-kmsh |
612 |
709 |
709 |
entrust-ash |
613 |
710 |
710 |
cisco-tdp |
614 |
711 |
711 |
netviewdm1 |
615 |
729 |
729 |
netviewdm2 |
616 |
730 |
730 |
netviewdm3 |
617 |
731 |
731 |
netgw |
618 |
741 |
741 |
netrcs |
619 |
742 |
742 |
flexlm |
620 |
744 |
744 |
fujitsu-dev |
621 |
747 |
747 |
ris-cm |
622 |
748 |
748 |
kerberos-adm |
623 |
749 |
749 |
rfile |
624 |
750 |
|
kerberos-iv |
625 |
|
750 |
pump |
626 |
751 |
751 |
qrh |
627 |
752 |
752 |
rrh |
628 |
753 |
753 |
tell |
629 |
754 |
754 |
nlogin |
630 |
758 |
758 |
con |
631 |
759 |
759 |
ns |
632 |
760 |
760 |
rxe |
633 |
761 |
761 |
quotad |
634 |
762 |
762 |
cycleserv |
635 |
763 |
763 |
omserv |
636 |
764 |
764 |
webster |
637 |
765 |
765 |
phonebook |
638 |
767 |
767 |
vid |
639 |
769 |
769 |
cadlock |
640 |
770 |
770 |
rtip |
641 |
771 |
771 |
cycleserv2 |
642 |
772 |
772 |
submit |
643 |
773 |
|
notify |
644 |
|
773 |
rpasswd |
645 |
774 |
|
acmaint_dbd |
646 |
|
774 |
entomb |
647 |
775 |
|
acmaint_transd |
648 |
|
775 |
wpages |
649 |
776 |
776 |
multiling-http |
650 |
777 |
777 |
wpgs |
651 |
780 |
780 |
concert |
652 |
786 |
786 |
qsc |
653 |
|
787 |
mdbs_daemon |
654 |
800 |
800 |
device |
655 |
801 |
801 |
itm-mcell-s |
656 |
828 |
828 |
pkix-3-ca-ra |
657 |
829 |
829 |
dhcp-failover2 |
658 |
847 |
847 |
rsync |
659 |
873 |
873 |
iclcnet-locate |
660 |
886 |
886 |
iclcnet_svinfo |
661 |
887 |
887 |
accessbuilder |
662 |
888 |
888 |
omginitialrefs |
663 |
900 |
900 |
smpnameres |
664 |
901 |
901 |
ideafarm-chat |
665 |
902 |
902 |
ideafarm-catch |
666 |
903 |
903 |
xact-backup |
667 |
911 |
911 |
ftps-data |
668 |
989 |
989 |
ftps |
669 |
990 |
990 |
nas |
670 |
991 |
991 |
telnets |
671 |
992 |
992 |
imaps |
672 |
993 |
993 |
ircs |
673 |
994 |
994 |
pop3s |
674 |
995 |
995 |
vsinet |
675 |
996 |
996 |
maitrd |
676 |
997 |
997 |
busboy |
677 |
998 |
|
puparp |
678 |
|
998 |
garcon |
679 |
999 |
|
applix |
680 |
|
999 |
surf |
681 |
1010 |
1010 |
rmiactivation |
682 |
1098 |
1098 |
rmiregistry |
683 |
1099 |
1099 |
ms-sql-s |
684 |
1433 |
1433 |
ms-sql-m |
685 |
1434 |
1434 |
ms-olap |
686 |
2382-2383, 2393-2394 |
2382-2383, 2393-2394 |
msft-gc |
687 |
3268 |
3268 |
msft-gc-ssl |
688 |
3269 |
3269 |
oracle |
690 |
1521 |
1521 |
orasrv |
691 |
1525 |
1525 |
tlisrv |
692 |
1527 |
1527 |
coauthor |
693 |
1529 |
1529 |
rdb-dbs-disp |
694 |
1571 |
1571 |
oraclenames |
695 |
1575 |
1575 |
oraclenet8cman |
696 |
1630 |
1630 |
net8-cman |
697 |
1830 |
1830 |
citrixima |
698 |
2512 |
2512 |
citrixadmin |
699 |
2513 |
2513 |
citrix-rtmp |
700 |
2897 |
2897 |
citriximaclient |
701 |
2598 |
2598 |
micromuse-lm |
702 |
1534 |
1534 |
orbixd |
703 |
1570 |
1570 |
orbix-locator |
704 |
3075 |
3075 |
orbix-config |
705 |
3076 |
3076 |
orbix-loc-ssl |
706 |
3077 |
3077 |
shockwave |
707 |
1626 |
1626 |
sitaraserver |
708 |
2629 |
2629 |
sitaramgmt |
709 |
2630 |
2630 |
sitaradir |
710 |
2631 |
2631 |
mysql |
711 |
3306 |
3306 |
net-assistant |
712 |
3283 |
3283 |
msnp |
713 |
1836 |
1826 |
aim |
714 |
5190-5193 |
|
groove |
715 |
2492 |
2492 |
directplay |
716 |
2234 |
2234 |
directplay8 |
717 |
6073 |
6073 |
kali |
718 |
2213 |
2213 |
worldfusion |
719 |
2595-2596 |
|
directv-web |
720 |
3334 |
3334 |
directv-soft |
721 |
3335 |
3335 |
directv-tick |
722 |
3336 |
3336 |
directv-catlg |
723 |
3337 |
3337 |
wta-wsp-s |
724 |
2805 |
2805 |
wap-push |
725 |
2948 |
2948 |
wap-pushsecure |
726 |
2949 |
2949 |
wap-push-http |
727 |
4035 |
4035 |
wap-push-https |
728 |
4036 |
4036 |
wap-wsp |
729 |
9200 |
9200 |
wap-wsp-wtp |
730 |
9201 |
9201 |
wap-wsp-s |
731 |
9202 |
9202 |
wap-wsp-wtp-s |
732 |
9203 |
9203 |
wap-vcard |
733 |
9204 |
9204 |
wap-vcal |
734 |
9205 |
9205 |
wap-vcard-s |
735 |
9206 |
9206 |
wap-vcal-s |
736 |
9207 |
9207 |
ibprotocol |
737 |
6714 |
6714 |
pptp |
739 |
1723 |
1723 |
gtp-user |
740 |
2152 |
2152 |
xdtp |
741 |
3088 |
3088 |
l2tp |
742 |
1701 |
1701 |
fsgs |
743 |
6112 |
6112 |
parsec-game |
744 |
6582 |
6582 |
UnReal_UT |
745 |
|
7777-7783 |
SiN |
746 |
22450 |
22450 |
halflife |
747 |
|
27015 |
tribes |
748 |
28001 |
28001 |
Heretic II |
749 |
28910 |
|
starsiege |
750 |
|
29001-29009 |
game-search |
751 |
29001 |
|
KingPin |
752 |
31510 |
31510 |
runescape |
753 |
43594 |
|
quake-server |
754 |
27960 |
27910, 27960 |
game-spy |
755 |
6500, 28900 |
6515, 27900 |
GLT Poliane |
882 |
1201 |
|
MSN Messenger |
883 |
1863 |
1863 |
xbox live |
898 |
3074 |
3074 |
ps2 |
899 |
10070-10080 |
10070 |
compressnet |
900 |
2-3 |
2-3 |
rje |
901 |
5 |
5 |
echo |
902 |
7 |
7 |
discard |
903 |
9 |
9 |
systat |
904 |
11 |
11 |
daytime |
905 |
13 |
13 |
qotd |
906 |
17 |
17 |
msp |
907 |
18 |
18 |
chargen |
908 |
19 |
19 |
ftp-data |
909 |
20 |
20 |
ssh |
910 |
22 |
22 |
telnet |
911 |
23 |
23 |
nsw-fe |
912 |
27 |
27 |
msg-icp |
913 |
29 |
29 |
msg-auth |
916 |
31 |
31 |
dsp |
917 |
33 |
33 |
time |
918 |
37 |
37 |
rap |
919 |
38 |
38 |
rlp |
920 |
39 |
39 |
graphics |
921 |
41 |
41 |
name |
922 |
42 |
42 |
nicname |
923 |
43 |
43 |
mpm-flags |
924 |
44 |
44 |
mpm |
925 |
45 |
45 |
mpm-snd |
926 |
46 |
46 |
ni-ftp |
927 |
47 |
47 |
auditd |
928 |
48 |
48 |
tacacs |
929 |
49 |
49 |
re-mail-ck |
930 |
50 |
50 |
la-maint |
931 |
51 |
51 |
xns-time |
932 |
52 |
52 |
xns-ch |
934 |
54 |
54 |
isi-gl |
935 |
55 |
55 |
xns-auth |
936 |
56 |
56 |
xns-mail |
937 |
58 |
58 |
ni-mail |
938 |
61 |
61 |
acas |
939 |
62 |
62 |
whois |
940 |
63 |
63 |
covia |
941 |
64 |
64 |
tacacs-ds |
942 |
65 |
65 |
sql*net |
943 |
66 |
66 |
bootps |
944 |
67 |
67 |
bootpc |
945 |
68 |
68 |
gopher |
947 |
70 |
70 |
netrjs-1 |
948 |
71 |
71 |
netrjs-2 |
949 |
72 |
72 |
netrjs-3 |
950 |
73 |
73 |
netrjs-4 |
951 |
74 |
74 |
deos |
952 |
72 |
72 |
finger |
953 |
79 |
79 |
hosts2-ns |
954 |
81 |
81 |
xfer |
955 |
82 |
82 |
mit-ml-dev |
956 |
83, 85 |
83, 85 |
ctf |
957 |
84 |
84 |
mfcobol |
958 |
86 |
86 |
kerberos |
959 |
88 |
88 |
su-mit-tg |
960 |
89 |
89 |
dnsix |
961 |
90 |
90 |
mit-dov |
962 |
91 |
91 |
npp |
963 |
92 |
92 |
dcp |
964 |
93 |
93 |
objcall |
965 |
94 |
94 |
supdup |
966 |
95 |
95 |
dixie |
967 |
96 |
96 |
swift-rvf |
968 |
97 |
97 |
tacnews |
969 |
98 |
98 |
metagram |
970 |
99 |
99 |
newacct |
971 |
100 |
|
hostname |
972 |
101 |
101 |
iso-tsap |
973 |
102 |
102 |
gppitnp |
974 |
103 |
103 |
acr-nema |
975 |
104 |
104 |
csnet-ns |
976 |
105 |
105 |
3com-tsmux |
977 |
106 |
106 |
rtelnet |
978 |
107 |
107 |
snagas |
979 |
108 |
108 |
pop2 |
980 |
109 |
109 |
sunrpc |
981 |
111 |
111 |
mcidas |
982 |
112 |
112 |
auth |
983 |
113 |
113 |
audionews |
984 |
114 |
114 |
sftp |
985 |
115 |
115 |
ansanotify |
986 |
116 |
116 |
uucp-path |
987 |
117 |
117 |
sqlserv |
988 |
118 |
118 |
cfdptkt |
989 |
120 |
120 |
erpc |
990 |
121 |
121 |
smakynet |
991 |
122 |
122 |
NTP |
992 |
123 |
123 |
ansatrader |
993 |
124 |
124 |
locus-map |
994 |
125 |
125 |
nxedit |
995 |
126 |
126 |
locus-con |
996 |
127 |
127 |
gss-xlicen |
997 |
128 |
128 |
pwdgen |
998 |
129 |
129 |
cisco-fna |
999 |
130 |
130 |
cisco-tna |
2000 |
131 |
131 |
cisco-sys |
2001 |
132 |
132 |
statsrv |
2002 |
133 |
133 |
ingres-net |
2003 |
134 |
134 |
Anarchy |
2004 |
7013, 7500-7501 |
7013, 7500-7501 |
Asherons Call |
2005 |
|
9000 - 9001, 9004 - 9005, 9012 - 9013 |
Black And White |
2006 |
2611-2612 |
|
Counter strike |
2007 |
27020-27039 |
1200, 27000-27014 |
Dark Reign |
2008 |
26214 |
26214 |
Diablo |
2009 |
6113-6119, 4000 |
6113-6119 |
Elite Force |
2010 |
|
26000, 27500 |
F16 |
2011 |
|
3862, 3863 |
F22 Simulator (lightning 3) |
2012 |
|
3874-3875, 4533, 4534 |
Hexen |
2013 |
|
26900 |
Kohan Immortal Sovereigns |
2014 |
3855, 17437 |
3855, 17437 |
Motorhead |
2015 |
16000, 16010-16030 |
16000, 16010-16030 |
Myth |
2016 |
3453 |
3453 |
Need For Speed |
2017 |
9442 |
9442 |
Need For Speed 3 |
2018 |
1030 |
1030 |
Operation Flash Point |
2019 |
47624 |
|
Outlaws |
2020 |
5310 |
5310 |
Swat3 |
2021 |
16639 |
16638 |
Ultima |
2022 |
5002-5010, 7775-7777, 8888, 9999, 7875 |
|
Warcraft |
2023 |
3724 |
3724 |
Znes |
2024 |
|
7845 |
Delta Force |
2025 |
3100, 3999 |
3100, 3999, 3568, 3569 |
Rainbox six |
2026 |
2346 |
2346 |
Soldier of fortune |
2027 |
|
28911-28915 |
Westwood Online |
2028 |
1140, 1234 |
1140, 1234 |
Yahoo Games |
2029 |
11999 |
|
Konspire2b |
2031 |
6085 |
6085 |
ps3 |
2080 |
|
3659-3660, 3478-3479, 9600-9699 |
radmin |
2087 |
4899 |
|
vnc |
2088 |
5800-5801, 5900-5901 |
5800-5801, 5900-5901 |
Protocols Identified on Unidirectional Flows
When unidirectional classification is enabled, the protocols listed in Table 1-8 can be detected on unidirectional flows.
•When a unidirectional flow (inbound or outbound) passes through the SCE platform it is matched against this set of protocol signatures.
•When a bidirectional flow passes through the SCE platform the protocol library tries to match it to one of its standard (bidirectional) protocol signatures.
Table 1-8 Unidirectionally-Detected Protocols
|
|
AntsP2P |
113 |
Audio over HTTP |
1041 |
BBC iPlayer |
1057 |
BaiBao |
43 |
Baidu Movie |
1043 |
Behavioral Upload/Download |
127 |
Binary over HTTP |
1042 |
BitTorrent |
24 |
CUWorld |
117 |
Club Box |
1038 |
Dijjer |
120 |
DingoTel |
42 |
DirectConnect |
19 |
EmuleEncrypted |
105 |
Entropy |
125 |
Exosee |
121 |
FastTrack KaZaA File Transfer |
14 |
Feidian |
1037 |
Filetopia |
31 |
Flash |
2033 |
Flash MySpace |
2035 |
Flash Yahoo |
2036 |
Flash YouTube |
2034 |
Fring |
1052 |
Furthur |
123 |
Generic TCP |
0 |
Gnutella File Transfer |
12 |
Gnutella Networking |
11 |
Google Talk |
1030 |
GoogleEarth |
118 |
HTTP Browsing |
2 |
HTTP Tunnel |
55 |
Hopster |
115 |
Hotline |
20 |
ICQ |
119 |
Jabber |
116 |
Joost |
1046 |
Kontiki |
124 |
Location Free |
1045 |
MMS |
6 |
MS Push Mail |
1048 |
MSN Messenger |
883 |
Manolito |
22 |
Mobile MMS |
46 |
Mute |
34 |
Napster |
32 |
NeoNet |
37 |
NodeZilla |
35 |
POCO |
51 |
POP3 |
9 |
PPLive |
44 |
PPStream |
49 |
Pando |
1049 |
PeerEnabler |
122 |
QQ-Live |
2032 |
SMTP |
8 |
Skype |
25 |
Sling |
112 |
TVAnts |
109 |
Thunder |
50 |
Tor |
1065 |
UC |
48 |
Video over HTTP |
1040 |
Warez/FileCroc |
39 |
WebThunder |
1055 |
WinMX/OpenNap |
16 |
Winny |
17 |
Yahoo Messenger |
40 |
Yahoo Messenger VoIP |
45 |
Zattoo |
1047 |
eDonkey |
18 |
guruguru |
66 |
iTunes |
30 |
imap |
59 |
soribada |
69 |
v-share |
71 |
Services
Services are the building blocks of service configurations. Classification of a transaction to a service determines the accounting and control that applies to the transaction. Services are organized in a hierarchal structure used for both accounting and control.
Table 1-9 lists the services defined in the default service configuration. Both service usage counters, which are used to accumulate information about transactions classified to the service, have the same name.
Table 1-9 Installed Services
|
|
|
Global Usage Counter and Subscriber Usage Counter
|
Default Service |
0 |
|
Default Service* |
Browsing |
7 |
Default Service |
Global: Default Service*, Subscriber: Browsing* |
HTTP |
16 |
Browsing |
Global: HTTP, Subscriber: Browsing* |
HTTPS |
17 |
Browsing |
Global: HTTPS, Subscriber: Browsing* |
Location Based Services |
48 |
Browsing |
Global: Location Based Services, Subscriber: Browsing* |
E-Mail |
4 |
Default Service |
E-Mail* |
IMAP |
23 |
E-Mail |
Global: IMAP, Subscriber: E-Mail* |
MS Push Mail |
47 |
E-Mail |
Global: MS Push Mail, Subscriber: E-Mail* |
POP3 |
21 |
E-Mail |
Global: POP3, Subscriber: E-Mail* |
SMTP |
22 |
E-Mail |
Global: SMTP, Subscriber: E-Mail* |
Web-Based E-Mail |
71 |
E-Mail |
Global: Web-Based E-Mail, Subscriber: E-Mail* |
File Sharing |
49 |
Default Service |
Default Service* |
Download over HTTP |
44 |
File Sharing |
Download over HTTP |
FTP |
32 |
File Sharing |
FTP |
IM File Transfer |
51 |
File Sharing |
Global: Default Service*, Subscriber: IM File Transfer* |
Google Talk File Transfer |
54 |
IM File Transfer |
Global: Google Talk File Transfer, Subscriber: IM File Transfer* |
ICQ File Transfer |
55 |
IM File Transfer |
Global: ICQ File Transfer, Subscriber: IM File Transfer* |
QQ File Transfer |
52 |
IM File Transfer |
Global: QQ File Transfer, Subscriber: IM File Transfer* |
Skype File Transfer |
98 |
IM File Transfer |
Global: Skype File Transfer, Subscriber: IM File Transfer* |
Windows Live Messenger File Transfer |
57 |
IM File Transfer |
Global: Windows Live Messenger File Transfer, Subscriber: IM File Transfer* |
Yahoo Messenger File Transfer |
53 |
Global: Yahoo Messenger File |
Global: Yahoo Messenger File Transfer, Subscriber: IM File Transfer* |
Other IM File Transfer |
56 |
IM File Transfer |
Global: Other IM File Transfer, Subscriber: IM File Transfer* |
One-Click Hosting |
50 |
File Sharing |
One-Click Hosting |
P2P |
9 |
File Sharing |
Default Service* |
Ares/Warez |
58 |
P2P |
Arez/Warez |
Bittorrent |
24 |
P2P |
Global: Default Service*, Subscriber: Bittorrent* |
Encrypted Bittorrent |
62 |
Bittorrent |
Global: Encrypted Bittorrent, Subscriber: Bittorrent* |
Non-Encrypted Bittorrent |
63 |
Bittorrent |
Global: Non-Encrypted Bittorrent, Subscriber: Bittorrent* |
Gnutella |
30 |
P2P |
Gnutella |
Winny |
27 |
P2P |
Winny |
eDonkey/eMule |
14 |
P2P |
Global: Default Service*, Subscriber: eDonkey/eMule* |
Encrypted eMule |
60 |
eDonkey/eMule |
Global: Encrypted eMule, Subscriber: eDonkey/eMule* |
Non-Encrypted eMule |
61 |
eDonkey/eMule |
Global: Non-Encrypted eMule, Subscriber: eDonkey/eMule* |
Behavioral P2P |
43 |
P2P |
Behavioral P2P |
Other P2P |
59 |
P2P |
Other P2P |
Behavioral Upload/Download |
39 |
File Sharing |
Behavioral Upload/Download |
Gaming |
29 |
Default Service |
Global: Default Service*, Subscriber: Gaming* |
Nintendo Wii |
90 |
Gaming |
Global: Nintendo Wii, Subscriber: Gaming* |
PC Gaming |
87 |
Gaming |
Global: PC Gaming, Subscriber: Gaming* |
Playstation |
89 |
Gaming |
Global: Playstation, Subscriber: Gaming* |
Xbox |
88 |
Gaming |
Global: Xbox, Subscriber: Gaming* |
Instant Messaging |
28 |
Default Service |
Global: Default Service*, Subscriber: Instant Messaging* |
Google Talk |
83 |
Instant Messaging |
Global: Google Talk, Subscriber: Instant Messaging* |
ICQ |
85 |
Instant Messaging |
Global: ICQ, Subscriber: Instant Messaging* |
Windows Live Messenger |
82 |
Instant Messaging |
Global: Windows Live Messenger, Subscriber: Instant Messaging* |
Yahoo Messenger |
84 |
Instant Messaging |
Global: Yahoo Messenger, Subscriber: Instant Messaging* |
Other Instant Messaging |
86 |
Instant Messaging |
Global: Other Instant Messaging, Subscriber: Instant Messaging* |
Internet Privacy |
94 |
Default Service |
Global: Default Service*, Subscriber: Internet Privacy* |
Anonimity Networks |
95 |
Internet Privacy |
Global: Anonimity Networks, Subscriber: Internet Privacy* |
Tunneling |
38 |
Internet Privacy |
Global: Tunneling, Subscriber: Internet Privacy* |
VPN |
41 |
Internet Privacy |
Global: Default Service*, Subscriber: Internet Privacy* |
IPSec VPN |
42 |
VPN |
Global: IPSec VPN, Subscriber: Internet Privacy* |
Internet Video |
70 |
Default Service |
Default Service* |
Audio and Video over HTTP |
76 |
Internet Video |
Audio and Video over HTTP |
Commercial Media Distribution |
26 |
Internet Video |
Commercial Media Distribution |
Flash |
45 |
Internet Video |
Global: Default Service*, Subscriber: Flash* |
Flash MySpace |
73 |
Flash |
Global: Flash MySpace, Subscriber: Flash* |
Flash Yahoo |
75 |
Flash |
Global: Flash Yahoo, Subscriber: Flash* |
Flash YouTube |
74 |
Flash |
Global: Flash YouTube, Subscriber: Flash* |
Other Flash |
72 |
Flash |
Global: Other Flash, Subscriber: Flash* |
P2P TV |
77 |
Internet Video |
Global: Default Service*, Subscriber: P2P TV* |
Joost |
81 |
P2P TV |
Global: Joost, Subscriber: P2P TV* |
PPLive |
79 |
P2P TV |
Global: PPLive, Subscriber: P2P TV* |
PPStream |
80 |
P2P TV |
Global: PPStream, Subscriber: P2P TV* |
Other P2P TV |
78 |
P2P TV |
Global: Other P2P TV, Subscriber: P2P TV* |
Streaming |
34 |
Internet Video |
Global: Default Service*, Subscriber: Streaming* |
MMS |
20 |
Streaming |
Global: MMS, Subscriber: Streaming* |
RTMP |
99 |
Streaming |
Global: RTMP, Subscriber: Streaming* |
RTSP |
19 |
Streaming |
Global: RTSP, Subscriber: Streaming* |
Net Admin |
33 |
Default Service |
Global: Default Service*, Subscriber: Net Admin* |
Naming Services |
91 |
Net Admin |
Global: Naming Services, Subscriber: Net Admin* |
Terminals |
92 |
Net Admin |
Global: Terminals, Subscriber: Net Admin* |
Other Net Admin |
93 |
Net Admin |
Global: Other Net Admin, Subscriber: Net Admin* |
Newsgroups |
8 |
Default Service |
Newsgroups |
Voice and Video Calls |
12 |
Default Service |
Global: Default Service*, Subscriber: Voice and Video Calls* |
Google Talk VoIP |
68 |
Voice and Video Calls |
Global: Google Talk VoIP, Subscriber: Voice and Video Calls* |
H323 |
11 |
Voice and Video Calls |
Global: H323, Subscriber: Voice and Video Calls* |
ICQ VoIP |
40 |
Voice and Video Calls |
Global: ICQ VoIP, Subscriber: Voice and Video Calls* |
MGCP |
5 |
Voice and Video Calls |
Global: MGCP, Subscriber: Voice and Video Calls* |
QQ VoIP |
69 |
Voice and Video Calls |
Global: QQ VoIP, Subscriber: Voice and Video Calls* |
SIP |
10 |
Voice and Video Calls |
Global: SIP, Subscriber: Voice and Video Calls* |
Skype |
25 |
Voice and Video Calls |
Global: Default Service*, Subscriber: Voice and Video Calls* |
Skype VoIP |
97 |
Skype |
Global: Skype VoIP, Subscriber: Voice and Video Calls* |
SkypeIn |
65 |
Skype |
Global: SkypeIn, Subscriber: Voice and Video Calls* |
SkypeOut |
66 |
Skype |
Global: SkypeOut, Subscriber: Voice and Video Calls* |
Other Skype |
67 |
Skype |
Global: Other Skype, Subscriber: Voice and Video Calls* |
Vonage |
13 |
Voice and Video Calls |
Global: Vonage, Subscriber: Voice and Video Calls* |
Windows Live Messenger VoIP and Video |
15 |
Voice and Video Calls |
Global: Default Service*, Subscriber: Voice and Video Calls* |
Windows Live Messenger Video |
18 |
Windows Live Messenger VoIP and Video |
Global: Windows Live Messenger Video, Subscriber: Voice and Video Calls* |
Windows Live Messenger VoIP |
46 |
Windows Live Messenger VoIP and Video |
Global: Windows Live Messenger VoIP, Subscriber: Voice and Video Calls* |
Yahoo Messenger VoIP and Video |
31 |
Voice and Video Calls |
Global: Default Service*, Subscriber: Voice and Video Calls* |
Yahoo Messenger Video |
35 |
Yahoo Messenger VoIP and Video |
Global: Yahoo Messenger Video, Subscriber: Voice and Video Calls* |
Yahoo Messenger VoIP |
37 |
Yahoo Messenger VoIP and Video |
Global: Yahoo Messenger VoIP, Subscriber: Voice and Video Calls* |
Behavioral VoIP |
64 |
Voice and Video Calls |
Global: Behavioral VoIP, Subscriber: Voice and Video Calls* |
Other VoIP |
36 |
Voice and Video Calls |
Global: Other VoIP, Subscriber: Voice and Video Calls* |
Other |
1 |
Default Service |
Default Service* |
Other IP |
6 |
Other |
Other IP |
Other TCP |
2 |
Other |
Other TCP |
Other UDP |
3 |
Other |
Other UDP |
Other Well-Known Ports |
96 |
Other |
Other Well-Known Ports |
Note An asterisk is appended to a service usage counter name whenever the counter applies to more than one service.
RDR Settings
SCE platforms generate and transmit Raw Data Records (RDRs) that contain a wide variety of information and statistics, depending on the configuration of the system.
Table 1-10 lists the RDR settings defined in the default service configuration.
Table 1-10 Default RDR Settings
|
|
|
|
|
|
Usage |
Link |
ON |
Every 5 minutes |
|
|
Package |
ON |
Every 5 minutes |
|
|
Subscriber |
ON |
Every 10 minutes |
|
|
Virtual Links |
OFF |
Every 10 minutes |
|
Default is ON for service configurations created in Virtual Links mode. |
Transaction |
Transaction |
ON |
|
100 per second |
All services have the same relative weight. |
Transaction Usage |
Transaction Usage (TUR) |
OFF |
|
|
No threshold. |
Interim TUR |
OFF |
|
|
|
Media Flow |
ON |
|
|
|
Quota |
Breach |
OFF |
|
|
|
Remaining |
OFF |
Every 5 minutes |
100 per second |
|
Threshold |
OFF |
|
|
Generate RDR when balance goes below 10 MB. |
Restore Quota |
OFF |
|
|
Generated upon subscriber introduction. |
Log |
Block |
ON |
|
20 per second |
|
Real-Time Subscriber |
Real-Time Subscriber Usage |
ON |
Every 1 minutes |
100 per second |
Enable for each subscriber separately, using CLI. |
Real-Time Signaling |
Flow Signaling |
OFF |
|
|
|
Attack Signaling |
OFF |
|
|
|
Malicious Traffic |
Malicious Traffic |
ON |
Every 60 seconds |
|
Only generated during attack. |
Rules
Rules are set of configurable instructions telling the application how to handle flows classified to a service.
The default service configuration contains a single rule for the default service. Until you create other rules, the default service rule applies to all traffic processed by the SCE platform.
The default service rule places no restrictions on traffic:
•Flows are routed through the default BWCs, which have unlimited BW.
•No quota limitations are applied to the flows and external quota management mode is selected.
System Mode
The default System Operational Mode is Report Only, which means that the system is used for reporting but does not control traffic.
The default System Topological Mode is Duplex, which means that all inbound and outbound traffic goes through the SCE platform.
Note When unidirectional classifications enabled, there are some changes to the default service configuration:
There are no predefined flavors.
No service elements include a specified flavor.
Periodic quota management mode is selected.