ACC SHELL

Path : /usr/share/YaST2/modules/
File Upload :
Current File : //usr/share/YaST2/modules/SuSEFirewallCMDLine.ybc

YaST bytecode 1.4.0SuSEFirewallCMDLineSuSEFirewallCMDLine.ycpCommandLineSuSEFirewallSuSEFirewallServicesSuSEFirewallUIModeReportStringfirewall/summary.ycp	SuSEFirewallExpertRules
firewall/subdialogs.ycpLabelProductFeatures
	expert_uiIsThisExpertConfigurationGetZonesListedItemsFirewallInterfacesSetFirewallInterfaceIntoZone		AdditionalSettingsForZones			MasqueradingGetDefinedServicesListedItemsAllowedServicesExpertAcceptRulesAdditionalServices	RedirectToMasqueradedIPAddRedirectToMasqueradedIPRuleLoggingLevelBroadcastConfigurationSimpleBroadcastReplyIPsecSupportIPsecTrustAsZoneCustomFirewallRules AddCustomFirewallRule!	HTMLWrong		"
BoxSummary#firewall/uifunctions.ycp$Confirm%PortAliases&Popup'Address(Wizard)IP*Netmask+
PortRanges,firewall/generalfunctions.ycp-
GetPortNumber		.GetPortName		/firewall/helps.ycp0HELPS		1
HelpForDialog		2all_popup_definition3CheckNetwork	4SetFirewallIcon5DisableBackButton	6SaveAndRestart7StartNow8StopNow9+SetFirewallInterfacesCustomAndChangeButtons	:max_length_intname;RedrawFirewallInterfaces<known_device_names		=InitFirewallInterfaces	>'HandlePopupSetFirewallInterfaceIntoZone	?%HandlePopupAdditionalSettingsForZones@HandleFirewallInterfaces
	AReportWrongPortDefinition		BCheckPortNumberDefinition	CCheckPortNameDefinition	DCheckIfTheyAreAllKnownPorts		E!CheckAdditionalServicesDefinition	FHandlePopupAdditionalServices	GRedrawAllowedServicesDialog	HRedrawAllowedServices	IInitAllowedServices	JHandleAllowedServices
	KSetMasqueradeTableUsableLIsMasqueradingPossibleMInitMasquerading	NCheckExistency	O	CheckPort	PCheckPortNumber			QCheckIP	RUserReadablePortName			S"RedrawRedirectToMasqueradedIPTableT)HandlePopupAddRedirectToMasqueradedIPRuleUHandleMasquerading
	VHandleRedirectToMasqueradedIP
	WInitRedirectToMasqueradedIP	XHandlePopupIPsecTrustAsZoneYInitIPsecSupport	ZHandleIPsecSupport
	[StoreIPsecSupport	\InitLoggingLevel	]StoreLoggingLevel	^ InitBroadcastConfigurationSimple	_!StoreBroadcastConfigurationSimple	`firewall_enabled_stafirewall_started_stb InitServiceStartVsStartedStopped	cSetEnableFirewalldcustomrules_current_zone	eRedrawCustomRules	fInitCustomRules	gDeleteSelectedCustomRule	hCheckPortNameOrNumber	iHandlePopupAddCustomRule	jHandleCustomRules
	kGetBcastServiceName			lGetBcastNetworkName		mRedrawBroadcastReplyTablenInitBroadcastReply	oservice_to_protocol		pservice_to_port		qGetBcastServiceProtocol		rGetBcastServicePort		sValidateBroadcastReplyRule					tAddAcceptBroadcastReplyRuleuHandleBroadcastReply
	vshow_detailswprotocol_type_namesxli_start	yli_end	zul_start	{ul_end	|SummaryInitCommandLine}SummaryZoneHeader		~SummaryCheckSpecInterface			SummaryInterfacesInZone		ShowServiceDetails		SummaryOpenServicesInZone		SummaryCustomRules		SummaryZoneBody		SummaryFirewallStart	SummaryUnassignedInterfaces	InitBoxSummary		CommaSeparatedList		CheckZone	ListFirewallZones
FWCMDZonesFWCMDSummaryFWCMDStartupFWCMDInterfacesFWCMDLoggingFWCMDBroadcastFWCMDServicesListFWCMDServicesShow	&FWCMDServicesDefinedServicesManagement			&FWCMDServicesAdditionalPortsManagement				FWCMDServicesProtect		
FWCMDServicesFWCMDMasqRedirectShowFWCMDMasqRedirectFWCMDMasqueradecmdlineRun

##,,#//#3WFMArgs3UI		UserInput
OpenDialogCloseDialogChangeWidget

QueryWidget


ReplaceWidget
SetFocus
Glyph	
WidgetExists
3UI		UserInput
OpenDialogCloseDialogChangeWidget

QueryWidget


ReplaceWidget
SetFocus
Glyph	
WidgetExists
0firewall3CommandLineError	Print	Run3SuSEFirewall,ReadWriteGetKnownFirewallZones	IsServiceSupportedInZone		GetSpecialInterfacesInZone		AddSpecialInterfaceIntoZone		max_port_numberGetBroadcastAllowedPorts		SetBroadcastAllowedPorts		GetZoneFullName		SetProtectFromInternalZoneGetProtectFromInternalZoneSetTrustIPsecAs	GetTrustIPsecAs	GetStartServiceSetStartServiceGetEnableServiceSetEnableService
StartServicesStopServices	IsStartedGetZoneOfInterface		'GetInterfacesInZoneSupportingAnyFeature		GetAllKnownInterfaces		RemoveInterfaceFromZone		AddInterfaceIntoZone		GetInterfacesInZone		SetServicesForZones		SaveAndRestartServiceGetAdditionalServices			SetAdditionalServices			RemoveSpecialInterfaceFromZone		
GetMasquerade
SetMasqueradeGetListOfForwardsIntoMasquerade		RemoveForwardIntoMasqueradeRuleAddForwardIntoMasqueradeRule						GetLoggingSettings		SetLoggingSettings		GetIgnoreLoggingBroadcast		SetIgnoreLoggingBroadcast		GetProtocolTranslatedName		GetServicesAcceptRelated		SetServicesAcceptRelated		3SuSEFirewallServicesGetNeededTCPPorts		ServiceDefinedByPackage	&GetFilenameFromServiceDefinedByPackage		IsKnownService	GetSupportedServices		GetNeededUDPPorts		GetNeededRPCPorts		GetNeededIPProtocols		GetDescription		GetNeededBroadcastPorts		GetNeededPortsAndProtocols			3SuSEFirewallUIGetShowSummaryDetailssimple_text_output3Modecommandlinenormal	testsuite3ReportError	3String
EscapeTags			TextTable				UnderlinedHeader		1firewall/summary.ycp0firewall3SuSEFirewallExpertRulesIsValidNetwork	ValidNetwork	GetListOfAcceptRules			AddNewAcceptRule			DeleteRuleID	1firewall/subdialogs.ycp0
firewall3Label	AddButton	CancelButton	OKButton	DeleteButton	3ProductFeatures
GetFeature		$

globalsui_modeexpert%
-
% itemszone_names_to_zones		
$!	$#
,%		foreachzone_id	

'&,)				foreach	zone_name	zone_id	

&*additemid--%2network_managerdialog
$4Empty$;FrameFirewall InterfacesfirewallVBoxTableidtable_firewall_interfacesoptnotify	immediateheaderDevicefirewallInterface or Stringfirewall
Configured Infirewall	HBox
PushButtonidchange_firewall_interface
&Change...firewall
PushButtoniduser_defined_firewall_interface
C&ustom...firewallHStretch-V%Ydevice		interface	zones
dialog
$ZFrameZone for Network InterfacefirewallVBoxHBoxVBoxLeftLabelLeftLabelComboBoxidzone_for_interfaceopthstretch&Interface ZonefirewallVSpacing	ButtonBox
PushButtonidokoptokButtondefaultkey_F10
PushButtonidcanceloptcancelButtonkey_F9-q%wzones_additons			
user_defined_zonesdialog
$xVBox,z						foreachzone_id	zone_attributes		

&{add
InputFieldid+			zone_additions_opthstretchname	items	$Frame'Additional Interface Settings for ZonesfirewallVBoxHStretchVSpacingVSpacingVSpacing	ButtonBox
PushButtonidokoptokButtondefaultkey_F10
PushButtonidcanceloptcancelButtonkey_F9-%dialog
$FrameMasqueradingfirewallVBoxReplacePointid#replacepoint_masquerade_informationEmptyLeftCheckBoxidmasquerade_networksoptnotify&Masquerade Networksfirewall-%
services_listtranslations_to_service_ids		
$	$
,				foreach
service_id	service_name	

(	4
,	
y2error	
+More services with the same translation: %1',				foreachservice_name	
service_id	

&additemid-%dialog
$VBoxLeftComboBoxidallowed_services_zoneoptnotify#All&owed Services for Selected ZonefirewallVSpacingHBoxVBoxopthstretchLeftReplacePointid allow_service_names_replacepointComboBoxidallow_service_names&Service to Allowfirewall	Tableidtable_allowed_servicesopthstretchvstretchkeepSortingheaderAllowed ServicefirewallDescriptionfirewall	VSpacingLeftCheckBoxidprotect_from_internaloptnotify$&Protect Firewall from Internal ZonefirewallHSquashVBoxVSpacing1.1
PushButtonidadd_allowed_serviceopthstretch+			+			  
PushButtonidremove_allowed_serviceopthstretch+			+			  Emptyoptvstretch
PushButtonidadvanced_allowed_serviceopthstretch+			+			 A&dvanced...firewall -%dialog
$VBoxLeftComboBoxidallowed_services_zoneoptnotify'Expert Rules Services for Selected ZonefirewallVSpacingVBoxTableidtable_expert_accept_rulesheaderSource NetworkfirewallProtocolfirewallDestination PortfirewallSource Portfirewall	HBox
PushButtonidadd_redirect_to_masquerade
PushButtonidremove_redirect_to_masqueradeHStretch-%	zone_name	
dialog
$HBoxMinSizeRichTextid	help_textHSpacing1.5TopFrameAdditional Allowed PortsfirewallVBox	HSpacing-VSpacingLeftLabel		
sformat		
Settings for Zone: %1firewall
InputFieldidadditional_tcpopthstretch
&TCP Portsfirewall
InputFieldidadditional_udpopthstretch
&UDP Portsfirewall
InputFieldidadditional_rpcopthstretch
&RPC Portsfirewall
InputFieldid
additional_ipopthstretch
&IP ProtocolsfirewallVSpacing	ButtonBox
PushButtonidokoptokButtonkey_F10default
PushButtonidcanceloptcancelButtonkey_F9-3%dialog
$Frame#Redirect Requests to Masqueraded IPfirewallVBoxTableidtable_redirect_masqheaderSource NetworkfirewallProtocolfirewallReq. IPfirewall	Req. PortfirewallRedir. to IPfirewallRedir. to Portfirewall	HBox
PushButtonidadd_redirect_to_masquerade
PushButtonidremove_redirect_to_masqueradeHStretch-%dialog
$FrameAdd Masqueraded Redirect RulefirewallVBoxVSpacingLeftLabelRedirect Matching Rule:firewallHBoxVBoxComboBoxidadd_source_networkopteditablehstretch&Source Networkfirewall		item	id0/00/0
InputFieldidadd_requested_ipopthstretch
Re&quested IPfirewallVBoxComboBoxidadd_protocolopthstretch	&Protocolfirewall		item	idtcpTCP	item	idudpUDP
InputFieldidadd_requested_portopthstretchR&equested PortfirewallVSpacingLeftLabelRedirection:firewallHBox
InputFieldidadd_redirectto_ipopthstretchRe&direct to Masqueraded IPfirewall
InputFieldidadd_redirectto_portopthstretch&Redirect to PortfirewallVSpacing	ButtonBox
PushButtonidokoptokButtondefaultkey_F10
PushButtonidcanceloptcancelButtonkey_F9-%logging_optionsdialog
$itemidALLLog AllfirewallitemidCRITLog Only CriticalfirewallitemidNONEDo Not Log Anyfirewall$VBoxFrame
Logging LevelfirewallVBoxLeftComboBoxidlogging_ACCEPT&Logging Accepted PacketsfirewallLeftComboBoxidlogging_DROPL&ogging Not Accepted Packetsfirewall-%dialog
$FrameBroadcast ConfigurationfirewallReplacePointidreplace_point_bcastEmpty-%dialog
$VBoxLeftLabelAccepting the Broadcast ReplyfirewallTableidtable_broadcastreplyheaderZonefirewallServicefirewallAccepted from Networkfirewall	LeftHBox
PushButtonidadd_br&Add...firewall
PushButtonid	delete_br&Deletefirewall-%?dialog
$@Frame
IPsec SupportfirewallHBoxLeftCheckBoxidispsec_support&EnabledfirewallHStretchRight
PushButtonid
ipsec_details&Details...firewall-K%Ntrust_zonesdialog
$Oadditemidno$Same Zone as Original Source Networkfirewall$SFrame
IPsec ZonefirewallVBoxVSpacingLeftComboBoxidtrust_ipsec_as&Trust IPsec AsfirewallVSpacing	ButtonBox
PushButtonidokoptokButtondefaultkey_F10
PushButtonidcanceloptcancelButtonkey_F9-g%ydialog
$zFrameCustom Allowed RulesfirewallVBoxLeftComboBoxidcustom_rules_firewall_zoneoptnotifyFirewall &ZonefirewallVSpacingTableidcustom_rules_tableheaderSource NetworkfirewallProtocolfirewallDestination PortfirewallSource Portfirewall	HBox
PushButtonidadd_custom_rule
PushButtonidremove_custom_ruleHStretch-% 
-VBoxFrameAdd New Allowing RulefirewallVBox
InputFieldidadd_source_networkopthstretchSource &NetworkfirewallLeftComboBoxidadd_protocol	&Protocolfirewallitemidtcptcpitemidudpudpitemid_rpc__rpc_
InputFieldidadd_destination_portopthstretch&Destination Port (Optional)firewall
InputFieldidadd_source_portopthstretch&Source Port (Optional)firewallVSpacing	ButtonBox
PushButtonidokoptokButtondefaultkey_F10
PushButtonidcanceloptcancelButtonkey_F9%!emphasize_string	

-		
sformat		
<font color='#993300'>%1</font>%"dialog
$VBoxRichTextidbox_summary_richtextCreating summary...firewallVSpacingLeftCheckBoxidshow_detailsoptnotify
&Show Detailsfirewall-2firewall/summary.ycp1firewall/uifunctions.ycp0
firewall3ConfirmDeleteSelected3PortAliasesAllowedPortNameOrNumber	GetListOfServiceAliases		IsKnownPortName	
GetPortNumber	IsAllowedPortName	3PopupError	YesNo	ContinueCancelHeadline		
YesNoHeadline		3AddressValid4	Check4	3WizardRestoreHelp	CreateDialogSetTitleIcon	3IPCheck4	3NetmaskCheck4	CheckPrefix4	3
PortRangesIsPortRange	IsValidPortRange	1firewall/generalfunctions.ycp0
firewall%-port_to_be_checked	,#,#(4,#,	
y2error	
 Port name/number must be defined-(!		regexpmatch		^[0123456789]+$4port_aliases	,#$&,		foreach
port_alias	,#,#(		regexpmatch		^[0123456789]+$4,#&. -%%,.port_to_be_checked	,#,#(-4-,#,.	
y2error	
 Port name/number must be defined-/(2		regexpmatch		^[0123456789]+$42port_aliases	,#$3&5,6		foreach
port_alias	,#,#(8!		regexpmatch		^[0123456789]+$48,#&9.:-?2firewall/uifunctions.ycp1firewall/helps.ycp0firewall$0reading_configurationJ<p><b><big>Reading Firewall Configuration</big></b>
<br>Please wait...</p>firewallsaving_configurationI<p><b><big>Saving Firewall Configuration</big></b>
<br>Please wait...</p>firewallfirewall-interfaces<p><b><big>Interfaces</big></b>
<br>Here, assign your network devices into firewall zones
by selecting the device in the table and clicking <b>Change</b>.</p>

<p>Enter special strings, like <tt>any</tt>, using 
<b>Custom</b>. You can also enter interfaces not yet configured here.
If you need masquerading, the string <tt>any</tt> is not allowed.</p>

<p>Every network device should be assigned to a firewall zone.
Network traffic through any unassigned interface is blocked.</p>
firewallallowed-services+			<p><b><big>Allowed Services</big></b>
<br>Here, specify services or ports that should be accessible from the network.
Networks are divided into firewall zones.</p>

<p>To allow a service, select the <b>Zone</b> and the
<b>Service to Allow</b> then press <b>Add</b>.
To remove an allowed service, select the <b>Zone</b> and the <b>Allowed Service</b> then press <b>Delete</b>.</p>

<p>By deselecting <b>Protect Firewall from Internal Zone</b>, remove 
protection from the zone. All services and ports would be unprotected from this zone.</p>
firewall<p>Additional settings can be configured using <b>Advanced</b>.
Entries must be separated by a space. There you can allow TCP, UDP, and RPC ports and
IP protocols.</p>
<p>TCP and UDP ports can be entered as port names (<tt>ftp-data</tt>),
port numbers (<tt>3128</tt>), and port ranges (<tt>8000:8520</tt>).
RPC ports must be entered as service names (<tt>portmap</tt> or <tt>nlockmgr</tt>).
Enter IP protocols as the protocol name (<tt>esp</tt>).
</p>
firewallbase-masquerading|<p><b><big>Masquerading</big></b>
<br>Masquerading is a function that hides your internal network behind your firewall and allows
your internal network to access the external network, such as the Internet, transparently. Requests
from the external network to the internal one are blocked.
Select <b>Masquerade Networks</b> to masquerade your networks
to the external network.</p>
firewallmasquerade-redirect-table_<p>
Although requests from the external network cannot reach your internal network, it is possible to
transparently redirect any requested ports on your firewall to any internal IP.  
To add a new redirect rule, press <b>Add</b> and complete the redirect form.</p>

<p>To removed any redirect rule, select it in the table and press <b>Delete</b>.</p>
firewallsimple-broadcast-configuration<p><b><big>Broadcast Configuration</big></b>
<br>Broadcast packets are special UDP packets sent to the whole network to find 
neighboring computers or send information to each computer in the network.
For example, CUPS servers provide information about their printing queues using broadcast packets.</p>

<p>SuSEfirewall2 services selected in allowed interfaces automatically add needed broadcast
ports here. To remove any or add any others, edit lists of space-separated ports for
particular zones.</p>

<p>Other dropped broadcast packets are logged. It could be quite a lot of packets in wider networks.
To suppress logging of these packets, deselect <b>Log Not Accepted Broadcast Packets</b>
for the desired zones.</p>
firewallbroadcast-reply<p><b><big>Broadcast Reply</big></b><br>
Firewall usually drops packets that are sent by another machines as their reply
to broadcast packets sent by your system, e.g., Samba browsing or SLP browsing.</p>

<p>Here you can configure which packets are allowed to pass through the firewall. Use <b>Add</b>
button to add a new rule. You will have to choose the firewall zone and also choose from
some already defined services or set your rule completely manually.</p>
firewallbase-ipsec-support<p><b><big>IPsec Support</big></b>
<br>IPsec is an encrypted communication between trusted hosts or networks through untrusted networks, such as
the Internet. This dialog opens IPsec for an external zone using
<b>Enabled</b>.</p>

<p><b>Details</b> configures how to handle successfully decrypted
IPsec packets.  For example, they could be handled as if they were from the internal zone.</p>
firewallbase-logging6<p><b><big>Logging Level</big></b>
<br>This is a base configuration dialog for IP packet logging settings. Here,
configure logging for incoming connection packets. Outgoing ones are not logged at all.</p>

<p>There are two groups of logged IP packets: <b>Accepted Packets</b> and <b>Not Accepted Packets</b>.
You can choose from three levels of logging for each group: <b>Log All</b> for logging every
packet, <b>Log Only Critical</b> for logging only interesting ones, or <b>Do Not Log Any</b>
for no logging. You should log at least critical accepted packets.</p>
firewallbox-summary<p><b><big>Summary</big></b>
<br>Here, find a summary of your configuration settings.
This summary is divided into general configuration and parts for each firewall zone.
Every existing zone is summarized here.</p>

<p><b>Firewall Starting</b> shows whether the firewall is started in the
<b>boot process</b> or only <b>manually</b>.</p>

<p>Firewall zones must have a network interface assigned to list the following items in the summary:</p>

<p><b>Interfaces</b>: All interfaces are listed using their configuration name and device name.</p>

<p><b>Open Services, Ports, and Protocols</b>: This lists all allowed network services, additional
TCP (Transmission Control Protocol), UDP (User Datagram Protocol), and RPC (Remote Procedure Call)
ports, and IP (Internet Protocol) protocols.</p>
firewalladditional-services+			+			+			+			+			P<p>Here, enter additional
ports or protocols to enable in the firewall zone.</p>firewall<p><b>TCP Ports</b> and <b>UDP Ports</b> can be entered as
a list of port numbers, port names, or port ranges separated by spaces,
such as <tt>22</tt>, <tt>http</tt>, or <tt>137:139</tt>.</p>firewall<p><b>RPC Ports</b> is a list of RPC services, such as
<tt>nlockmgr</tt>, <tt>ypbind</tt>, or <tt>portmap</tt>, separated by spaces.</p>firewall<p><b>IP Protocols</b> is a list of protocols, such as
<tt>esp</tt>, <tt>smp</tt>, or <tt>chaos</tt>, separated by spaces.
Find the current list of protocols at
http://www.iana.org/assignments/protocol-numbers.</p>firewall<p>The <b>Port Range</b> consists of two colon-separated numbers that represent
all numbers inside the range including the numbers themselves.
The first port number must be lower than the second one,
for example, <tt>200:215</tt>.</p>firewall<p>The <b>Port Name</b> is a name assigned to a port number by the IANA
organization. One port number can have multiple port names assigned. Find
the assignment currently in use in the <tt>/etc/services</tt> file.</p>firewallinstallation_proposal{<p><b><big>Firewall</big></b><br />
Firewall is a defensive mechanism that protects your computer from network attacks.</p>firewallcustom-rules+			+			+			+			<p><b><big>Custom Rules</big></b><br>
Here you can set special firewall rules that allow new connections
matching these rules.</p>firewall<p><b>Source Network</b><br>
Network or IP where the connection comes from,
e.g., <tt>192.168.0.1</tt> or <tt>192.168.0.0/255.255.255.0</tt>
or <tt>192.168.0.0/24</tt> or <tt>0/0</tt> (which means <tt>all</tt>).</p>firewallp<p><b>Protocol</b><br>
Protocol used by that packet. Special protocol <tt>RPC</tt> is used for
RPC services.</p>firewall<p><b>Destination Port</b><br>
Port name, port number or range of ports that are allowed to be
accessed, e.g., <tt>smtp</tt> or <tt>25</tt> or <tt>100:110</tt>.
In case of <tt>RPC</tt> protocol, use the RPC service name.
This entry is optional.</p>firewall<p><b>Source Port</b><br>
Port name, port number or range of ports where the packet
originates from. This entry is optional.</p>firewallcustom-rules-popup+			+			+			<p><b>Source Network</b><br>
Network or IP where the connection comes from,
e.g., <tt>192.168.0.1</tt> or <tt>192.168.0.0/255.255.255.0</tt>
or <tt>192.168.0.0/24</tt> or <tt>0/0</tt> (which means <tt>all</tt>).</p>firewallp<p><b>Protocol</b><br>
Protocol used by that packet. Special protocol <tt>RPC</tt> is used for
RPC services.</p>firewall<p><b>Destination Port</b><br>
Port name, port number or range of ports that are allowed to be
accessed, e.g., <tt>smtp</tt> or <tt>25</tt> or <tt>100:110</tt>.
In case of <tt>RPC</tt> protocol, use the RPC service name.
This entry is optional.</p>firewall<p><b>Source Port</b><br>
Port name, port number or range of ports where the packet
originates from. This entry is optional.</p>firewall%1identification	/#/#-0		
sformat		
 FIXME: Help for '%1' is missing!firewall	2firewall/uifunctions.ycp1 firewall/subdialogs.ycp$#2opt	decoratedcentered%A3network	#ret#$B(D||4D#&E(G0/04G#&H(K		regexpmatch		^[0123456789.]+$4K#&L(O		regexpmatch		^[0123456789.]+/[0123456789]+$4O
network_ip	network_mask	#$P					regexpsub				 ^([0123456789.]+)/[0123456789]+$\1$Q					regexpsub				 ^[0123456789.]+/([0123456789]+)$\1&S&&(V		regexpmatch		^[0123456789.]+/[0123456789.]+$4V
network_ip	network_mask	#$W					regexpsub				!^([0123456789.]+)/[0123456789.]+$\1$X					regexpsub				!^[0123456789.]+/([0123456789.]+)$\1&Z&&(]&&!4]#,_			
sformat		
Invalid network definition '%1'.
Network can be defined as an IP or IP with slash and netmask.

For instance: 192.168.0.1
or 192.168.0.0/20
or 192.168.0.0/255.255.255.0
or 0/0firewall-h%p4#,q
yast-firewall%x5key	##,y4,zidbackEnabled%6success#,,1saving_configuration$(,,sleep,-%7ret#,LabelStarting firewall...firewall,$,-%8ret#,LabelStopping firewall...firewall,$,-%9current_item	##(&	idtable_firewall_interfacesCurrentItem(		regexpmatch			^known-.*4#,idchange_firewall_interfaceEnabled,iduser_defined_firewall_interfaceEnabled4#,idchange_firewall_interfaceEnabled,iduser_defined_firewall_interfaceEnabled$:#%;table_items#$	,				foreach	interface		#	zone_name	#$No zone assignedfirewall(zone	&zone	(&&name		size	name	:4#'name+						substring		name	-:...&additemid+			known-id	name	id	,		foreachzone	#specials		zone_name	custom_string_text	#$$$,		foreachspecial	##&
Custom stringfirewall&additemid+			special-,idtable_firewall_interfacesItems,9$<
%=key	##,4&<
,				foreachknown_interface		##(	size	name	:4#'name+						substring		name	-:...'<id	name	,;%>	interface	#zonescurrent_zone	ret	changed#	$	itemidNo Zone Assignedfirewall$,		foreachzone_shortname	##&
additemid,
2<	$	$(ok4new_zone	#$	idzone_for_interfaceValue(4#& ,!,%(',';%-?starting_additionals		zones_additons			ret	changed#	$.
$/
,1		foreachzone_shortname	#specials	#$2'3'4nameitems			mergestring			 ,:
2$<	$>(?ok4?
events_remove	
events_add	#$@	$A	,B		foreachzone_shortname	#
new_additions	#$C			splitstring				id+			zone_additions_Value ,F		foreachnew_addition_item	##(G&&!		contains		4G#&H&I			add,N		foreachold_addition_item	#		#(O&&!		contains4O#&P&Q			add,V		foreachadding	##,W		,Y		foreachremoving	##,Z		,^(`,`;%f@key	event#retevent_reason	current_item	#$gID$i	EventReasonSelectionChanged$k	idtable_firewall_interfacesCurrentItem(o&&table_firewall_interfaces	Activated4o#(q		regexpmatch		^known-4q#&rchange_firewall_interface(t		regexpmatch			^special-4t#&uuser_defined_firewall_interface(z||change_firewall_interfaceuser_defined_firewall_interface4z#(|change_firewall_interface4|#(~		regexpmatch		^known-4~#,>					regexpsub				^known-(.*)\1(		regexpmatch			^special-4#,?4#,	
y2error	
Uknown interfaces_item '%1'(user_defined_firewall_interface4#,?(&&table_firewall_interfacesSelectionChanged4#,9-%Aport_nr	port_definition	#port_err	#$(4#&		
sformat		
Port number %1 is invalid.firewall4#&		
sformat		
+Port number %1 in definition %2 is invalid.firewall-Invalid Port Definitionfirewall+			+			

		
sformat		
AThe port number must be in the interval from 1 to %1 (inclusive).firewall%Bport_nrport	##(||4#-A	tostring	4#-%C	port_name	##(4#-4#,	-%Dui_id	ports	#checked#$,		foreachport	##(!.(-(		regexpmatch		^[0123456789]+$4port_nr#$	tointeger(&&B&&-(		regexpmatch		^[0123456789]+:[0123456789]+$4port1	port2	port1iport2i#$					regexpsub				^([0123456789]+):[0123456789]+$\1$					regexpsub				^[0123456789]+:([0123456789]+)$\1$	tointeger$	tointeger(!B&(!B&(&&&&-(&&!Invalid Port Range Definitionfirewall		
sformat		
Port range %1 is invalid.
It must be defined as the min_port_number:max_port_number and
max_port_number must be bigger than min_port_number.firewall4#&-(!4#(!Unknown Port Namefirewall		
sformat		
bPort name %1 is unknown in your current system.
It probably would not work.
Really use this port?
firewall&-(!4#,id-%$Eservices_definition	##(%		regexpmatch		,4%ports	#$&			splitstring			,-'%Invalid Additional Service Definitionfirewall		
sformat		
It appears that the additional service settings
%1
are wrong. Entries should be separated by spaces instead of commas,
which are not allowed.
Really use the current settings?firewall-3%6Fzone	#	zone_name	additional_tcp	additional_udp	additional_rpc	
additional_ip	ret	ret_value#$7,9
2$<		tosetTCP$=		tosetUDP$>		tosetRPC$?		tosetIP,Bidadditional_tcpValue			mergestring			 ,Cidadditional_udpValue			mergestring			 ,Didadditional_rpcValue			mergestring			 ,Eid
additional_ipValue			mergestring			 ,H	help_textValue1additional-services$J$K)L4L#&M(Ook4Os_additional_tcp	new_additional_tcp	s_additional_udp	new_additional_udp	s_additional_rpc	new_additional_rpc	s_additional_ip	new_additional_ip	#$P	idadditional_tcpValue$Q		toset			splitstring			 $S	idadditional_udpValue$T		toset			splitstring			 $V	idadditional_rpcValue$W		toset			splitstring			 $Y	id
additional_ipValue$Z		toset			splitstring			 (]!E/](^!E/^(_!E/_(`!E/`(c!Dadditional_tcp/c(d!Dadditional_udp/d,fTCP,gUDP,hRPC,iIP&k.l(m||cancelcancel4m#&n.o,s-t%wGcurrent_zone	##(x&&INT4x#,yidallow_service_namesEnabled,zidadd_allowed_serviceEnabled,{idtable_allowed_servicesEnabled,|idremove_allowed_serviceEnabled,}idadvanced_allowed_serviceEnabled4~#,idallow_service_namesEnabled,idadd_allowed_serviceEnabled,idtable_allowed_servicesEnabled,idremove_allowed_serviceEnabled,idadvanced_allowed_serviceEnabled%Hcurrent_zone	#allowed_servicestranslations_to_service_ids		all_known_servicesnot_allowed_services#
(!		contains4#,	
y2error	
Unknown zone '%1'-$	$
,				foreach
service_id	service_name	##(	4#(4#&		
sformat		
%1 (%2)4#&		
sformat		
%1 (%2)'$$	(&&INT!4#,				foreachservice_name	
service_id	##&additemid4#,				foreachservice_name	
service_id	##(4#&additemid4#&additemid&sortxy#		tolower			a		tolower			b&sortxy#		tolower			a		tolower			b,idtable_allowed_servicesItems,id allow_service_names_replacepointComboBoxidallow_service_names&Service to Allowfirewall,G(size4#,idremove_allowed_serviceEnabled%Ikey	#	init_zone	all_currently_known_zones	#,4(4#,idprotect_from_internalValue4#,idprotect_from_internalValue$EXT$(!		contains4#&	(4#,	
y2error	
There are no zones defined!-,H,idallowed_services_zoneValue%Jkey	event#retcurrent_zone	#$ID$	idallowed_services_zoneValue(allowed_services_zone4#,H(protect_from_internal4protect_from_internal#$idprotect_from_internalValue,,H(add_allowed_service4add_service	#$	idallow_service_namesValue,,H(remove_allowed_service4#(4remove_service	#$	idtable_allowed_servicesCurrentItem,,H(advanced_allowed_service4#(F4#,H-	%Kusable##,idtable_redirect_masqEnabled,idadd_redirect_to_masqueradeEnabled,idremove_redirect_to_masqueradeEnabled%Lpossiblehas_external	has_other#$!$%$&,(		foreachzone	##(*sizeunion--(/EXT&/&0&3&&-8%;Mkey	#
masquerademasquerade_possible#,<4$>$?L,Bidmasquerade_networksValue,GK&&(K!4K#,Midmasquerade_networksEnabled,Oid#replacepoint_masquerade_informationLeftLabelKMasquerading needs at least one external interface and one other interface.firewall-Y%\Nui_id	##(]idValue4]#,^id,`This entry must be completed.firewall-a-c%fOui_id	#port	#$g	idValue(j-j(m!4m#,nid,o+			+			Wrong port definition.firewall

-u(y!D-y-{%Pport_to_be_checked		widget_id	#port_number	#$-(4#,nWrong port definition.
No port number found for this port name.
Use the port number instead of the port name.
firewall(&&,id-%Qui_id	#ip	#$	idValue(!4#,id,+			+			Invalid IP definition.firewall

--%Rport	protocol	##(-(-&		tolower		(||rpc_rpc_-(		regexpmatch		^[0123456789]+$4	port_name	#$.(&&4#&		
sformat		
%1 (%2)(!		regexpmatch		^[0123456789]+:[0123456789]+$4port_number	#$-(&&4#&		
sformat		
%1 (%2)-%Sitemsrow_id#$	$,				foreachrule		##(to_port	4#'to_portreq_port	,		foreachkey	#	req_portto_port#'R	protocol	&additemid
source_net	protocol	req_ip	req_port	BulletArrowRight
forward_to	to_port	&+,idtable_redirect_masqItems%T	ret_value#,
2,idadd_source_network$)4ret#$(||cancelcancel4#.(ok4add_source_network	add_requested_ip	add_protocol	add_requested_port	add_redirectto_ip	add_redirectto_port	#(!Nadd_requested_port/(!Nadd_source_network/(!Nadd_redirectto_ip/(!Oadd_requested_port/(!Oadd_redirectto_port/(!Qadd_redirectto_ip/$	idadd_source_networkValue$	idadd_requested_ipValue$	idadd_protocolValue$	idadd_requested_portValue$	idadd_redirectto_ipValue$	idadd_redirectto_portValue(&&4#&Padd_requested_port(/(&&4#&Padd_redirectto_port(/,&.,(,S%Ukey	event#ret#$ID(masquerade_networks4
masquerade#$idmasquerade_networksValue,,K-!%$Vkey	event#ret#$%ID('add_redirect_to_masquerade4'#,(T()remove_redirect_to_masquerade4)current_item#$*idtable_redirect_masqCurrentItem(+4+#,,,-S%2Wkey	##,34,5S%8X
default_value	ret#,9
2$;,<idtrust_ipsec_asValue$>(@ok4@	new_value	#$A	idtrust_ipsec_asValue,B,E%IYkey	#	supported#,J4$M
service:ipsecEXT(O4O#,P	
y2error	
No such service 'service:ipsec',Qidispsec_supportEnabled4R#,Sidispsec_supportEnabled,Tidispsec_supportValue%XZkey	event#ret#$YID([
ipsec_details4[#,\X-_%b[key	event#
to_support#$cidispsec_supportValue,d	ipsec	EXT%g\key	##,h4,jidlogging_ACCEPTValueACCEPT,kidlogging_DROPValueDROP%n]key	event##,oACCEPT	idlogging_ACCEPTValue,qDROP	idlogging_DROPValue%u^key	#replace_dialogallowed_bcast_ports		#,v4$xVBox$z,|		foreachzone	#	zone_name	ports_for_zone	log_packets#$}$~			mergestring					 $no&addHBoxHWeight(
InputFieldid+			bcast_ports_opthstretchHWeight<VBoxLabelCheckBoxid+			
bcast_log_#&Log Not Accepted Broadcast Packetsfirewall,idreplace_point_bcast%_key	event#allowed_bcast_ports		#$
,		foreachzone	#
allowed_ports	log_packets#$			splitstring				id+			bcast_ports_Value $id+			
bcast_log_Value',noyes,$`$a%bkey	##&`&a%c	new_state#curr_runningnew_running#(`4#,	
y2milestone	
,Enable firewall status preserved (enable=%1)`-$$(&&4#(Firewall automatic starting has been disabled
but firewall is currently running.

Stop the firewall after the new configuration is written?firewall4#,	
y2milestone	
6User decided to stop the firewall after it is disabled&4#,	
y2milestone	
:User decided not to stop the firewall after it is disabled&,,,	
y2milestone	
INew Settings - Firewall Enabled: %1, Firewall Started: %2 (after Write())$d%ecurrent_zone	#rules		#(||!		contains4#,	
y2error	
Unknown zone '%1'-$(size4counteritems#$$				maplistone_rule		##&+-itemidnetwork	protocol	Rdport	protocol	Rsport	&sortaabb#		,idcustom_rules_tableItems,idremove_custom_ruleEnabled4#,idcustom_rules_tableItems	,idremove_custom_ruleEnabled%fkey	##,4(d4#,		foreachone_zone	#	union	EXT#(size&d(d&dEXT,idcustom_rules_firewall_zoneValued,ed%g
selected_zone	current_item##(4#,e,idcustom_rules_tableSelectedItem%
hport	##(		regexpmatch		^[0123456789]+$4#-
B	tointeger(!		regexpmatch		^[0123456789]+:[0123456789]+$4#-C%i
selected_zone	#	ret_value#,
2HBoxMinWidthRichText1custom-rules-popup ,idadd_source_network$ )"4"ret#$#(%||cancelcancel4%#.&('ok4'add_source_network	add_protocol	add_destination_port	add_source_port	#((!Nadd_source_network/(()!Nadd_protocol/)$+	idadd_source_networkValue$,	idadd_protocolValue$-	idadd_destination_portValue$.	idadd_source_portValue(1||!341#,2idadd_source_network,3	+			+					
sformat		
Invalid network definition '%1'firewall
/4(848#(949#(:!4:#,;idadd_destination_port,<			
sformat		
Invalid port range '%1'firewall/=(?!h4?#,@idadd_destination_port,A	+			+					
sformat		
 Invalid port name or number '%1'firewall
/B(G4G#(H4H#(I!4I#,Jidadd_source_port,K			
sformat		
Invalid port range '%1'firewall/L(N!h4N#,Oidadd_source_port,P	+			+					
sformat		
 Invalid port name or number '%1'firewall
/Q,Unetworkprotocoldportsport&_.`,d-f%ijkey	event#ret
selected_zone	#$jID$l	idcustom_rules_firewall_zoneValue(ncustom_rules_firewall_zone4n#&od,pe(qadd_custom_rule4q#(ri4r#,se(uremove_custom_rule4ucurrent_item#$vidcustom_rules_tableCurrentItem(x&&4x#,yg-}%kprotocol	sport	##(&&udp4#-All services using UDPfirewall(&&tcp4#-All services using TCPfirewall(&&udp4#-Samba browsingfirewall(&&udp4#-SLP browsingfirewall4#-		
sformat		
%1/%2%lnetwork	##(0/04#-All networksfirewall4#-		
sformat		

Subnet: %1firewall%mitems#$	,		foreachzone	#ruleset	rule_in_ruleset#$$,		foreachone_rule	#rulelist	#&+$			splitstring			,&additemid		
sformat		
%1 %2		
sformat		
k		l0/0	(-idtable_broadcastreply,idtable_broadcastreplyItems(-id	delete_br,id	delete_brEnabledsize%nkey	##,m$o
all-udpudpall-ycpudpsambaudpslpudp$p
all-tcpall-udpsamba137slp427%qservice	##-o	%rservice	##-p	%szone	network	service	protocol	port	##(user-defined4#-(!4#,idnetwork,	+			+					
sformat		
Invalid network definition '%1'firewall
-(!4#,idport,	+			+					
sformat		
 Invalid port name or number '%1'firewall
--%tzones
dialog_ret#$	,		foreachzone_shortname	##&additemidEXT,VBoxLeftComboBoxidzone&ZonefirewallLeftMinWidthComboBoxidnetworkopteditable&Networkfirewall	0/0LeftComboBoxidserviceoptnotify&Servicefirewallitemidsambakudp137itemidslpkudp427itemidall-udpkudpitemidall-tcpktcpitemiduser-definedUser-defined servicefirewallHSquashHBoxHWeightComboBoxidprotocoloptdisabled	&ProtocolfirewallitemidudpudpitemidtcptcpHWeight
InputFieldidportoptdisabledPo&rtfirewallVSpacing	ButtonBox
PushButtonidokoptokButtondefaultkey_F10
PushButtonidcanceloptcancelButtonkey_F9$)4ret#$(service4custom_service#$idserviceValueuser-defined,	idprotocolEnabled,
idportEnabled(ok4zone	network	service	protocol	port	items	new_rule	#
$
	idzoneValue$	idnetworkValue$	idserviceValue$user-defined	idprotocolValueq$user-defined	idportValuer(!s/ $#$$		
sformat		
%1,%2(%&%		
sformat		
%1,%2&&			add,'&*.+4,#.-,1-3%6ukey	event#ret#$7ID(9add_br49#(:t,;m(<	delete_br4<
current_id	#$=	idtable_broadcastreplyValue(>&&4>#(?4?item_to_deleteitems	item_in_list#$@			splitstring			 $A	$B	tointeger	-1'C&D			filterone_rule	#,E	,Fm4H#,I	Select an item to delete.firewall-M2firewall/summary.ycp$v$wTCP	TCP PortsfirewallUDP	UDP PortsfirewallRPCRPC ServicesfirewallIPIP ProtocolsfirewallBRDBroadcast Portsfirewall$*x<li>$+y</li>$-z<ul>$.{</ul>%1|&2x
        * &3y&4z&5{%8}zone_id	(949-:
4;-<+			+			
<h2>
</h2>
%@~spec_interface	zone	ret_val	$A(Cany4C(DEXT4D&E+			+			+			 '' 7Any unassigned interface will be assigned to this zone.firewall4M&N+			+			+			 '' *Currently supported only in external zone.firewall4R&T+			+			+			 '' Unknown network interface.firewall-W%Zzone_id	ret_summary	
interfaces		interface_id_to_name		interfaces_in_zone	special_interfaces	$[$]$^
,_				foreach	interface		'`id	name	$c$d(f||sizesize4f&g+			+			

Interfacesfirewall+			+			<h3>
Interfacesfirewall</h3>
&p+			z,q		foreachinterface_id	&r+			+			+			+			+			+			x 	+			
	 / 
y
,z		foreachspec_interface	&{+			+			+			+			x~y
&~+			{4&+			+			+			x$No interfaces assigned to this zone.firewally
-%
service_id		tcp_ports		udp_ports		rpc_ports	ip_protocols	broadcast_ports	ret	
$$$$$$(size4&				maplisttcp_port	RTCP&+			+			+			+			+			+			x	wTCP: 			mergestring			, y
(size4&				maplistudp_port	RUDP&+			+			+			+			+			+			x	wUDP: 			mergestring			, y
(size4&+			+			+			+			+			+			x	wRPC: 			mergestring			, y
(size4&+			+			+			+			+			+			x	wIP: 			mergestring			, y
(size4&				maplistbroadcast_port	
RUDP&+			+			+			+			+			+			x	wBRD: 
			mergestring			, y
(--+			+			+			+			
z{
%zone_id	show_detailsret_val	interfaces_in_zone	special_interfaces	$$$(||sizesize4&+			
#Open Services, Ports, and Protocolsfirewall+			+			<h3>#Open Services, Ports, and Protocolsfirewall</h3>
(&&INT!4&+			+			+			+			+			+			zx2Internal zone is unprotected.  All ports are open.firewally{
4
open_services	translations_to_service_ids		$$
,				foreach
service_id	service_name	',				foreachservice_name	
service_id	(4&+			+			+			+			+			+			x
:y
,		foreachprotocol		TCPUDPRPCIPadditional_services	$			mergestring			, (-&+			+			+			+			+			+			x	w: 
y
&+			+			+			+			z+			+			xZone has no open ports.firewally{
-%zone	show_detailscustom_rules		rules	$(4,	
y2error	
Wrong custom rules for %1-(size4,	
y2milestone	
No custom rules defined-$+			+			<h3>Custom Rulesfirewall</h3>&+			z(!4&+			+			+			x		
sformat		
%1 custom rules are definedfirewallsizey4,				foreachone_rule		proto	
one_rule_s	$protocoltcp	$+			+			x		
sformat		
\Network: <i>%1</i>, Protocol: <i>%2</i>, Destination port: <i>%3</i>, Source port: <i>%4</i>firewall
networkAllfirewall	
protocolAllfirewall	dport	
Rdport	Allfirewallsport	
Rsport	Allfirewally&!+			&%+			{-'%*zone_id	show_details-++			+			+			+			+			+			z
{
%3ret_message	$5+			+			

Firewall Startingfirewall+			+			<h2>Firewall Startingfirewall</h2>
&=+			z(@4@&B+			+			+			+			x)<b>Enable</b> firewall automatic startingfirewally

4C&E+			+			+			+			x*<b>Disable</b> firewall automatic startingfirewally

(I4I(K4K&M+			+			+			+			x4Firewall starts after the configuration gets writtenfirewally
4O&Q+			+			+			+			x;Firewall <b>starts</b> after the configuration gets writtenfirewally
4S(U4U&W+			+			+			+			xBFirewall <b>will be stopped</b> after the configuration is writtenfirewally
4Y&[+			+			+			+			x:Firewall will not start after the configuration is writtenfirewally
&_+			+			{

-a%dret_message	special_strings	interfaces_unassigned
$e+			+			

Unassigned Interfacesfirewall+			+			<h2>Unassigned Interfacesfirewall</h2>
$m	,n		foreachzone	&o	union(s||		containsany		containsauto4s,t	
y2milestone	
6Special strings 'any' or 'auto' presented, skipping...-u$x&y+			+			z9No network traffic is permitted through these interfaces.firewall,|				foreach	interface		(}zone	4}&~+			+			+			+			+			x ||name	name	id			
sformat		
%1 / %2name	id	y
&+&+			+			{
(--%	for_zones	summary	&v,	
y2milestone	
(Regenerating summary dialog, details: %1v,idshow_detailsValuev$+			+			<hr />(size&,		foreachzone_id	(		contains4&+			+			}v(&&!4,idbox_summary_richtextValue-2SuSEFirewallCMDLine.ycp1firewall/generalfunctions.ycp%#comma_separated_string-$			splitstring				,%.zone	optional(0&&40(2!		contains42,4		
sformat		
Unknown zone %1.firewall-547-84;(=-=,@		
sformat		
Parameter %1 must be set.firewallzone-A%Htable_items	,I,K
Listing Known Firewall Zones:firewall,L$N	,O		foreachzone	&P			add,R
Shortcutfirewall	Zone Namefirewall
,]%eoptions(glist4g,h-l%uoptionsfor_zone		for_zones	$y	zone$z	({4{(|!4|-}4~&,,
Summary:firewall,,-%options(&&atbootmanual4,Only one parameter is allowed.firewall(atboot4,,
	Start-Up:firewall,,(Enabling firewall in the boot process...firewall,,(manual4,,
	Start-Up:firewall,,*Removing firewall from the boot process...firewall,,(show4,,
	Start-Up:firewall,(4,'Firewall is enabled in the boot processfirewall4,Firewall needs manual startingfirewall,-%optionsunassigned_interfaces	
interfaces			for_zone	
$	$
,				foreach	interface		'id	(zone	4&			addid	$	zone(!-,(show4table_items	special_interfaces		,
%Network Interfaces in Firewall Zones:firewall,$	$
,		foreachzone	(&&-,		foreach	interface	&			addname	,		foreachspec_int	&			addSpecial firewall stringfirewall(&&size4,		foreach	interface	&			add---name	,
Zonefirewall	InterfacefirewallDevice Namefirewall
(add4	interface	$		interface(4,		
sformat		
Parameter %1 must be set.firewall	interface-(4,		
sformat		
Parameter %1 must be set.firewallzone-(
		
4,		
sformat		
(Adding special string %1 into zone %2...firewall,4,		
sformat		
#Adding interface %1 into zone %2...firewall,(	remove4		interface	$
		interface(4,
		
sformat		
Parameter %1 must be set.firewall	interface-(4,		
sformat		
Parameter %1 must be set.firewallzone-(
		
4,		
sformat		
*Removing special string %1 from zone %2...firewall,4,		
sformat		
%Removing interface %1 from zone %2...firewall,, -"%+optionslogging_meaning		$,ALLLog allfirewallCRITLog only criticalfirewallNONEDo not log anyfirewall(5show45log_accepted	log_nonaccepted	table_items	$6ACCEPT$7DROP,9,;
Global Logging Settings:firewall,<,>
	Rule TypefirewallValuefirewall
Logging LevelfirewallAcceptedfirewall		tolower		Software Error	Not acceptedfirewall		tolower		Software Error	
,M,P
Logging Broadcast Packets:firewall,Q$S	,T		foreachzone	&U			addyesLogging enabledfirewallLogging disabledfirewall,a
Shortfirewall	Zone NamefirewallLogging Statusfirewall
,m-o(pset4ppossible_levels	$q	allcritnone(raccepted4rvalue	$s		tolower			accepted(t!		contains4t,v		
sformat		
&Value %1 is not allowed for option %2.firewallacceptedaccepted-w,yACCEPT		toupper		({nonaccepted4{value	$|		tolower			nonaccepted(}!		contains4},		
sformat		
&Value %1 is not allowed for option %2.firewallnonacceptednonaccepted-,DROP		toupper		(logbroadcast4zones_to_setup	zone	value	$$	zone(4(!4-4&$		tolower			logbroadcast(!		contains	yesno4,		
sformat		
&Value %1 is not allowed for option %2.firewalllogbroadcastlogbroadcast-,		foreachzone	,-%options(show4	for_zones	zone	table_items	broadcast_ports		$$	zone(4(!4-4&,,
Allowed Broadcast Ports:firewall,$	$,		foreachzone		zone_name	$,		foreachport			&			add,
Shortfirewall	Zone NamefirewallPortfirewall
,-(&&addremove4,(Only one action command is allowed here.firewall-(||addremove4zone	todo	broadcast_ports		
(zone4,		
sformat		
Parameter %1 must be set.firewallzone-$	zone(!4-(port4,		
sformat		
Parameter %1 must be set.firewallport-$(add4&add(remove4&remove$,		foreachport		port(add4'		toset			add		4'			filterfilter_port			,--%table_items	,,
Defined Firewall Services:firewall$		,
				foreach
service_id	service_name	&			add,
,
IDfirewallService Namefirewall
,%	for_zones	detailedknown_services		protect_from_INTdetailed_def		table_items	$ $!$#	tcp_portsTCP portfirewall	udp_portsUDP portfirewall	rpc_portsRPC portfirewallip_protocolsIP protocolfirewall,.,0
Allowed Services in Zones:firewall,1$2	,3		foreachzone	(4!		contains-4(6&&INT46&7			add+			+			*All servicesfirewall*+			+			*Entire zone unprotectedfirewall*->,@				foreach
service_id	service_name	(A4A&B			add(D4Dneeded_ports		$E,F		foreach	short_def			tcp_ports	udp_ports	rpc_portsip_protocols(Gsize		4G,H		foreachport	!		&I			add		
sformat		
> %1: %2	!&L			add	,T
Zonefirewall
Service IDfirewallService Namefirewall
,_,a
Additional Allowed Ports:firewall,b&c	,d		foreachzone	(e!		contains-e(g&&INT4g&h			add+			+			*	All portsfirewall*+			+			*Entire zone unprotectedfirewall*-o,r		foreachprotocol		TCPUDPRPC,s		foreachport	&t			add,x
ZonefirewallProtocolfirewallPortfirewall
,,,
)Allowed Additional IP Protocols in Zones:firewall,&	,		foreachzone	(!		contains-(&&INT4&			add+			+			*All IP protocolsfirewall*+			+			*Entire zone unprotectedfirewall*-,		foreachprotocol	IP&			add,
ZonefirewallIP Protocolfirewall
,%action	zone	services	,		foreachservice	(!4,		
sformat		
Unknown service %1.firewall&			filterservice_item	(add4,4,%action	zone	ports_or_protocols	type	types		protocol	$

ipprotocolIPrpcportRPCtcpportTCPudpportUDP$	(4current	$(add4&	union4&			filter
check_item	!		contains,4,	
y2error	
Software error %1%zone	protect	&		tolower		(!		contains	yesno4,		
sformat		
&Value %1 is not allowed for option %2.firewallprotect-(INT4,.Protection can only be set for internal zones.firewall-,yes%options(list4,-(show4known_zones	for_zone	$$	zone(4(!4-4&,
detailed-(&&addremove4,(Only one action command is allowed here.firewall(||addremove4zone	action	
count_entries$	zone(!-$add(remove&remove$,		foreachtype		servicetcpportudpportrpcport
ipprotocolitems	$	(size4&+(service4,4,(%4%,&		
sformat		
At least one of %1 must be set.firewall,service, tcpport, udpport, rpcport, protocol-,(-protect4-zone	$.	zone(/!-/,1	protect42,3		
sformat		
0At least one action command from %1 must be set.firewalllist, show, add, remove%@optionstable_items	records		counter	,A,C
$Redirect Requests to Masqueraded IP:firewall,D$F	$G$H,I				foreachrecord		&J+(L||to_port	to_port	'Lto_portreq_port	(Nnames4N,O		foreachkey		to_portreq_port	port_name	$P.	(Q4Q'R&V			add	tostring	
source_net	protocol	req_ip	req_port	
forward_to	to_port	,\
IDfirewallSource NetworkfirewallProtocolfirewallReq. IPfirewall	Req. PortfirewallRedir. to IPfirewallRedir. to Portfirewall
,o%xoptions(yshow4y,z-{(|add4|checkednew		port_errors	$~,		foreachoption			sourcenetprotocolreq_portredir_ip(4,		
sformat		
Parameter %1 must be set.firewall&(!-$
,		foreachoption			sourcenetprotocolreq_portredir_ipreq_ip
redir_port'	'protocol		tolower		protocol	(!		contains	tcpudpprotocol	4,		
sformat		
&Value %1 is not allowed for option %2.firewallprotocol	protocol-$,		foreachkey		req_port
redir_port(	4port_number	$-	(4'4&+			+			
		
sformat		
Unknown port name %1.firewall	(4,-,	sourcenet	redir_ip	protocol	req_port	
redir_port	req_ip	-(remove4record(record4,		
sformat		
Parameter %1 must be set.firewallrecord-$record&-,-%options(show4,,
Masquerading Settings:firewall,,		
sformat		
Masquerading is %1firewallenabledfirewalldisabledfirewall,-(enable4,(disable4,$idfirewallhelpFirewall configurationfirewall
initializefinishactions	startuphandlerhelpStart-up settingsfirewallexample	startup showstartup atbootstartup manualzoneshandlerhelpKnown firewall zonesfirewallexample
zones list
interfaceshandlerhelp Network interfaces configurationfirewallexample	interfaces show&interfaces add interface=eth0 zone=INTserviceshandlerhelp&Allowed services, ports, and protocolsfirewallexample	services show detailed!services set protect=yes zone=INT1services add service=service:dhcp-server zone=EXT9services remove ipprotocol=esp tcpport=12,13,ipp zone=DMZ	broadcasthandlerhelpBroadcast packet settingsfirewallexample#broadcast add zone=INT port=ipp,233
masqueradehandlerhelpMasquerading settingsfirewallexample	masquerade showmasquerade enablemasqredirecthandlerhelp#Redirect requests to masqueraded IPfirewallexamplemasqredirect remove record=6logginghandlerhelpLogging settingsfirewallexample	logging set accepted=critical$logging set logbroadcast=no zone=INTsummaryhandlerhelpFirewall configuration summaryfirewallexample	summarysummary zone=EXToptionsshowhelpShow current settingsfirewallatboothelp"Start firewall in the boot processfirewallmanualhelpStart firewall manuallyfirewalllisthelpList configured entriesfirewallzonetypestringhelpZone short namefirewalladdhelpAdd a new recordfirewallremovehelpRemove a recordfirewall	interfacetypestringhelp$Network interface configuration namefirewallacceptedtypestringhelp(Logging accepted packets (all|crit|none)firewallnonacceptedtypestringhelp,Logging not accepted packets (all|crit|none)firewalllogbroadcasttypestringhelp"Logging broadcast packets (yes|no)firewallsethelp	Set valuefirewallporttypestringhelp2Port name or number; comma-separate multiple portsfirewallservicetypestringhelp8Known firewall service; comma-separate multiple servicesfirewalltcpporttypestringhelp6TCP port name or number; comma-separate multiple portsfirewalludpporttypestringhelp6UDP port name or number; comma-separate multiple portsfirewallrpcporttypestringhelp,RPC port name; comma-separate multiple portsfirewall
ipprotocoltypestringhelp3IP protocol name; comma-separate multiple protocolsfirewallprotecttypestringhelpSet zone protection (yes|no)firewalldetailedhelpDetailed informationfirewallenablehelp
Enable optionfirewalldisablehelpDisable optionfirewall	sourcenettypestringhelp8Source network, such as 0/0 or 145.12.35.0/255.255.255.0firewallprotocoltypestringhelpProtocol (tcp|udp)firewallreq_iptypestringhelp Requested external IP (optional)firewallreq_porttypestringhelpRequested port name or numberfirewallredir_iptypestringhelpRedirect to internal IPfirewall
redir_porttypestringhelp*Redirect to port on internal IP (optional)firewallrecordtypeintegerhelp
Record numberfirewallnameshelp&Use port names instead of port numbersfirewallmappings
		broadcastshowaddremovezoneport
interfacesshowaddremove	interfacezoneloggingshowsetacceptednonacceptedlogbroadcastzonemasqredirectshowaddremove	sourcenetprotocolreq_ipreq_portredir_ip
redir_portrecordnames
masqueradeshowenabledisableservices
listshowaddremovesetdetailedzoneservicetcpportudpportrpcport
ipprotocolprotectstartupshowatbootmanualsummaryzonezoneslist%&,	
y2milestone	
(----------------------------------------,	
y2milestone	
		
sformat		
'Starting CommandLine with parameters %1	WFM::Args,|,,	
y2milestone	
(----------------------------------------

ACC SHELL 2018