Table of Contents
This appendix defines the object definitions used in the FireBrick FB6402 (firewall) configuration. Copyright © 2008-2023 FireBrick Ltd.
The top level config element contains all of the FireBrick configuration data.
Table I.1. config: Attributes
Attribute | Type | Default | Description |
ip | IPAddr | - | Config store IP address |
patch | integer | - | Internal use, for s/w updates that change config syntax |
serial | string | - | Serial number |
timestamp | dateTime | - | Config store time, set automatically when config is saved |
version | string | - | Code version |
who | string | - | Config store username |
Table I.2. config: Elements
Element | Type | Instances | Description |
bgp | bgp | Optional, up to 100 | BGP config |
bgp-filter | namedbgpmap | Optional, unlimited | Mapping and filtering rules for use with BGP peers |
blackhole | blackhole | Optional, unlimited | Black hole (dropped packets) networks |
cqm | cqm | Optional | Constant Quality Monitoring config |
dhcp-relay | dhcp-relay | Optional, unlimited | DHCP server settings for remote / relayed requests |
eap | eap | Optional, unlimited | User access control via EAP |
ethernet | ethernet | Optional, unlimited | Ethernet port settings |
etun | etun | Optional, unlimited | Ether tunnel (RFC3378) |
fb105 | fb105 | Optional, up to 255 | FB105 tunnel settings |
interface | interface | Optional, up to 8192 | Ethernet interface (port-group/vlan) and subnets |
ip-group | ip-group | Optional, unlimited | Named IP groups |
ipsec-ike | ipsec-ike | Optional | IPsec connection settings |
log | log | Optional, up to 63 | Log target controls |
loopback | loopback | Optional, unlimited | Extra local addresses |
network | network | Optional, unlimited | Locally originated networks |
nowhere | blackhole | Optional, unlimited | Dead end (icmp error) networks |
port | portdef | Optional, up to 2 | Port grouping and naming |
profile | profile | Optional, unlimited | Control profiles |
route | route | Optional, unlimited | Static routes |
route-override | route-override | Optional, unlimited | Routing override rules |
routing-tables | routing-table | Optional, unlimited | Routing table settings |
rule-set | rule-set | Optional, unlimited | Firewall/mapping rules |
sampling | sampling | Optional | Sampling parameters |
services | services | Optional | General system services |
shaper | shaper | Optional, unlimited | Named traffic shapers |
system | system | Optional | System settings |
user | user | Optional, unlimited | Admin users |