CLI: Applications

You can use the application command to create a new application definition.

[no] application <application name> {network-object|port|portrange|protocol-only|signature}

To create an application by network objecta logical definition created and stored in the Exinda lilbrary, can represent any network component or to remove the network object from the application definition:

[no] application <application name> network-object <network-object-name>

  • network-object <network_object_name> - Define the application by network object.

To create an application by port number and protocol (or to remove the port number and protocol from the application definition):

[no] application <application-name> [network-object <network-object-name>] port <port number> protocol {protocol}

  • port <port-number> - Define the application by a particular port number.
  • protocol {protocol} - Define the application by protocol. e.g. 6in4, ah, egp, esp, ggp, gre, icmp, icmpv6, igmp, igp, ip, ipencap, ipip, ospf, pup, sctp, st, tcp, udp, vrrp
  • network-object <network-object-name> - Can be optionally specified.

To create an application by port range and protocol (or to remove the port range and protocol from the application definition:

[no] application <application-name> [network-object <network-object-name>] portrange <port_number_low> <port_number_high> protocol {protocol}

  • network-object <network-object-name> - Can be optionally specified.

To create an application by only specifying a protocol (or to remove the protocol only setting from the application definition):

[no] application <application-name> protocol-only {protocol}

To create an application using an L7layer 7, the application layer of the OSI application signature (or to remove the L7 signature from the application definition):

[no] application <application-name> signature <l7_signature> [signature_options]

  • signature <l7_signature> - Specify a L7 signature that the appliance can recognize. Type application <application-name> signature ? to get a list of L7 signatures that the appliance can recognize.
  • [signature_options] - Some of the L7 signatures have optional settings.

To remove all configuration for a specified application :

application <application name> clear

To remove an application:

no application <application-name>

EXAMPLE

Define an application called FTP that uses TCPTransmission Control Protocol ports 20 and 21 with the L7 signature, ftp.

application FTP portrange 20 21 protocol tcp
application FTP signature ftp

To view an application's definition:

show application <application-name>