xref: /illumos-gate/usr/src/cmd/tsol/tnctl/tnzonecfg (revision 7c500f1b365962a44422512b5c00083faa05a79e)
1#
2# CDDL HEADER START
3#
4# The contents of this file are subject to the terms of the
5# Common Development and Distribution License (the "License").
6# You may not use this file except in compliance with the License.
7#
8# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9# or http://www.opensolaris.org/os/licensing.
10# See the License for the specific language governing permissions
11# and limitations under the License.
12#
13# When distributing Covered Code, include this CDDL HEADER in each
14# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15# If applicable, add the following below this CDDL HEADER, with the
16# fields enclosed by brackets "[]" replaced with your own identifying
17# information: Portions Copyright [yyyy] [name of copyright owner]
18#
19# CDDL HEADER END
20#
21#
22# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23# Use is subject to license terms.
24#
25#There are five fields separated by colon in this configuration file:
26#First Field: 	Name for the corresponding zone.
27#		It is used when zone is configured.
28#
29#Second Field: 	Label for the corresponding zone.
30#		It is used to label the zone when zone is booted.
31#		The label can be either hex label or  symbolic ones defined by
32#		label_encodings files.
33#
34#Third Field:	Policy match level for non-transport traffic.
35#		Currently unused.
36#
37#Fourth Field:	Multi-Level port configuration entry for private addresses.
38#		mlp info is list of semicolon separated mlp configuration entry.
39#		Each mlp configuration entry is specified by port/protocol.
40#
41#Fifth Field:	Multi-Level port configuration entry for shared address.
42#		It only applies to global zones.
43#
44# This is the default global zone configuration.  Note that although this
45# entry must have a label and match flag, neither is configurable by the user.
46#
47# Multilevel Port (MLP) specification:
48#
49#	MLP			PURPOSE
50#	---			-------
51#	111			Port Mapper
52#	500			IKE (IPsec key management)
53#	515			BSD Multilevel Printing
54#	631			IPP Multilevel Printing
55#	2049			NFSv4 server
56#	4500			IKE NAT-T (IPsec/IKE nat traversal)
57#	6000-6003		Multilevel Desktop
58#
59global:ADMIN_LOW:1:111/tcp;111/udp;500/udp;4500/udp;515/tcp;631/tcp;2049/tcp;6000-6003/tcp:6000-6003/tcp;500/udp;4500/udp
60