This module defines classes encapsulating service descriptions. The services define how Zorp handles incoming connection requests. When a connection is accepted by a Rule, the service specified in the Rule creates an instance of itself. This instance handles the connection, and proxies the traffic between the client and the server. It also handles TLS and SSL encryption of the traffic if needed, as configured in the encryption_policy parameter of the service. (Note that in Zorp version 5 and earlier, encryption was handled by the Proxy class.) The instance of the selected service is created using the 'startInstance()' method.

A service is not usable on its own, it needs a Rule to bind the service to a network interface of the firewall and activate it when a matching connection request is received. New instances of the service are started as the Rule accepts new connections.