5.15.6. Class Service

A service is one of the fundamental objects. It stores the names of proxy-related parameters, and is also used for access control purposes to decide what kind of traffic is permitted.

Note

The Service class transfers application-level (proxy) services.

  • To transfer connections on the packet-filter level, use the PFService class.

  • To transfer connections on the application-level, use the Service class.

Example 5.38. Service example

The following service transfers HTTP connections. Every parameter is left at its default.

Service(name="demo_http, proxy_class=HttpProxy, router=TransparentRouter())

The following service handles HTTP connections. This service uses authentication and authorization, and network address translation on the client addresses (SNAT).

Service(name="demo_http", proxy_class=HttpProxy, authentication_policy="demo_authentication_policy", authorization_policy="demo_permituser", snat_policy="demo_natpolicy", router=TransparentRouter())

The following example defines a few classes: the client and server zones, a simple services, and a rule that starts the service.

Zone('internet', ['0.0.0.0/0'])
Zone('office', ['192.168.1.0/32', '192.168.2.0/32'])

def demo_instance() :
Service(name="office_http_inter", proxy_class=HttpProxy, router=TransparentRouter())
Rule(src_zone='office',
    proto=6,
    dst_zone='internet',
    service='office_http_inter'
    )