From 2f489cc65e7b57d9ee5a222ef821cd8016cfbfff Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Tue, 19 Feb 2013 11:27:36 +0000
Subject: secure use of connection tracking helpers enable connection tracking
 helpers when required, fixes #1540 service-specific RELATED rules

---
 json/services.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'json')

diff --git a/json/services.json b/json/services.json
index 25216af..4570528 100644
--- a/json/services.json
+++ b/json/services.json
@@ -16,7 +16,7 @@
       { "proto": "tcp", "port": 135 },
       { "proto": "udp", "port": 135 }
     ],
-    "ftp": { "proto": "tcp", "port": 21 },
+    "ftp": { "proto": "tcp", "port": 21, "ct-helper": "ftp" },
     "gre": { "proto": "gre" },
     "hp-pdl": { "proto": "tcp", "port": 9100 },
     "http": { "proto": "tcp", "port": 80 },
@@ -30,7 +30,7 @@
       { "proto": "esp" },
       { "proto": "udp", "port": [ 500, 4500 ] }
     ],
-    "irc": { "proto": "tcp", "port": 6667 },
+    "irc": { "proto": "tcp", "port": 6667, "ct-helper": "irc" },
     "kerberos": [
       { "proto": "tcp", "port": 88 },
       { "proto": "udp", "port": 88 }
@@ -67,7 +67,7 @@
     ],
     "netbios-ns": [
       { "proto": "tcp", "port": 137 },
-      { "proto": "udp", "port": 137 }
+      { "proto": "udp", "port": 137, "ct-helper": "netbios_ns" }
     ],
     "netbios-ssn": [
       { "proto": "tcp", "port": 139 },
@@ -90,8 +90,8 @@
     ],
     "rdp": { "proto": "tcp", "port": 3389 },
     "sip": [
-    	{ "proto": "udp", "port": 5060 },
-    	{ "proto": "tcp", "port": 5060 }
+    	{ "proto": "udp", "port": 5060, "ct-helper": "sip" },
+    	{ "proto": "tcp", "port": 5060, "ct-helper": "sip" }
     ],
     "sip-tls": [
       { "proto": "udp", "port": 5061 },
-- 
cgit v1.2.3