What Are All the Predefined Applications That Create Predict Sessions or Require ALG?
0
Created On 04/26/19 10:15 AM - Last Modified 05/15/19 07:44 AM
Question
What are all the predefined applications that create predict sessions or require ALG?
Application Level Gateway (ALG) is used to open a pinhole for a limited time and for exclusively transferring data or control traffic.
Answer
To get the list of all applications that are ALG capable or would create a predict session, follow the sequence below:
admin@Firewall> set cli config-output-format set admin@Firewall> configure Entering configuration mode [edit] admin@Firewall# show predefined application | match "alg yes" <snip> set predefined application 104asdu-file-transfer-type120 alg yes set predefined application 104asdu-file-transfer-type121 alg yes set predefined application 104asdu-file-transfer-type122 alg yes set predefined application 104asdu-file-transfer-type123 alg yes set predefined application 104asdu-file-transfer-type124 alg yes set predefined application 104asdu-file-transfer-type125 alg yes set predefined application 104asdu-file-transfer-type126 alg yes set predefined application 104asdu-file-transfer-type127 alg yes set predefined application 104asdu-param-control-type110 alg yes <snip>
Additional Information
For additional information on predict sessions, please refer to the following articles:
Palo Alto Networks Firewall Session Overview
Session States and Types
As of 8146-5421 and PAN-OS 9.0.1, 313 applications are ALG capable. Here is a list of applications extracted by using the procedure shown above.
104asdu-file-transfer-type120 |
104asdu-file-transfer-type121 |
104asdu-file-transfer-type122 |
104asdu-file-transfer-type123 |
104asdu-file-transfer-type124 |
104asdu-file-transfer-type125 |
104asdu-file-transfer-type126 |
104asdu-file-transfer-type127 |
104asdu-param-control-type110 |
104asdu-param-control-type111 |
104asdu-param-control-type112 |
104asdu-param-control-type113 |
104asdu-process-control-type45 |
104asdu-process-control-type46 |
104asdu-process-control-type47 |
104asdu-process-control-type48 |
104asdu-process-control-type49 |
104asdu-process-control-type50 |
104asdu-process-control-type51 |
104asdu-process-control-type58 |
104asdu-process-control-type59 |
104asdu-process-control-type60 |
104asdu-process-control-type61 |
104asdu-process-control-type62 |
104asdu-process-control-type63 |
104asdu-process-control-type64 |
104asdu-process-monitor-type1 |
104asdu-process-monitor-type10 |
104asdu-process-monitor-type11 |
104asdu-process-monitor-type12 |
104asdu-process-monitor-type13 |
104asdu-process-monitor-type14 |
104asdu-process-monitor-type15 |
104asdu-process-monitor-type16 |
104asdu-process-monitor-type17 |
104asdu-process-monitor-type18 |
104asdu-process-monitor-type19 |
104asdu-process-monitor-type2 |
104asdu-process-monitor-type20 |
104asdu-process-monitor-type21 |
104asdu-process-monitor-type3 |
104asdu-process-monitor-type30 |
104asdu-process-monitor-type31 |
104asdu-process-monitor-type32 |
104asdu-process-monitor-type33 |
104asdu-process-monitor-type34 |
104asdu-process-monitor-type35 |
104asdu-process-monitor-type36 |
104asdu-process-monitor-type37 |
104asdu-process-monitor-type38 |
104asdu-process-monitor-type39 |
104asdu-process-monitor-type4 |
104asdu-process-monitor-type40 |
104asdu-process-monitor-type5 |
104asdu-process-monitor-type6 |
104asdu-process-monitor-type7 |
104asdu-process-monitor-type8 |
104asdu-process-monitor-type9 |
104asdu-system-control-type100 |
104asdu-system-control-type101 |
104asdu-system-control-type102 |
104asdu-system-control-type103 |
104asdu-system-control-type104 |
104asdu-system-control-type105 |
104asdu-system-control-type106 |
104asdu-system-control-type107 |
104asdu-system-monitor-type70 |
8x8 |
adobe-meeting |
aim-base |
aim-audio |
ali-wangwang-base |
amqp |
aol-proxy |
apache-jserv |
apple-remote-desktop |
asproxy |
avaya-webalive-base |
azureus |
bacnet-ack-alarm |
bacnet-add-list-element |
bacnet-atomic-read-file |
bacnet-atomic-write-file |
bacnet-authenticate |
bacnet-confirmed-cov-notify |
bacnet-confirmed-event-notify |
bacnet-confirmed-private-xfer |
bacnet-confirmed-text-message |
bacnet-create-object |
bacnet-delete-object |
bacnet-device-comm-control |
bacnet-get-alarm-summary |
bacnet-get-enrollment-summary |
bacnet-get-event-information |
bacnet-life-safety-operation |
bacnet-read-prop-conditional |
bacnet-read-prop-multiple |
bacnet-read-property |
bacnet-read-range |
bacnet-reinitialize-device |
bacnet-remove-list-element |
bacnet-request-key |
bacnet-subscribe-cov |
bacnet-subscribe-cov-property |
bacnet-vt-close |
bacnet-vt-data |
bacnet-vt-open |
bacnet-write-prop-multiple |
bacnet-write-property |
bigupload |
bittorrent |
bomgar |
brass |
buddybuddy-base |
capwap |
chatroulette |
cip-ethernet-ip-base |
cip-ethernet-ip-list-identity |
cip-ethernet-ip-reg-session |
cip-ethernet-ip-send-rr-data |
cip-ethernet-ip-send-unit-data |
citrix-jedi |
convo-base |
corba |
cotp |
cyber-ark-vault |
dhcp |
dialpad |
dicom |
discard |
dns |
ed137-base |
ed137-ptt-off-squ-off |
ed137-ptt-off-squ-on |
ed137-ptt-on-squ-off |
ed137-ptt-on-squ-on |
epeachtree |
epmd |
ezpeer |
factset |
fetion-base |
fileserve |
freegate |
freenet |
ftp |
fuze-meeting-base |
gatherplace-base |
gb2pp-base |
gb2pp-ptt-off |
gb2pp-ptt-on |
gb2pp-tone-off |
gb2pp-tone-on |
gdbremote |
ge-cic-xml |
globalmeet-base |
gnutella |
google-talk-base |
gtalk-file-transfer |
gtalk-voice |
gtp-base |
gtp-prime |
gtp-u |
gtpv0 |
gtpv1-c |
gtpv2-c |
h.225 |
h.245 |
h.248 |
hdfs |
http-nsri |
http-tunnel |
ibm-soliddb |
icmp |
icq |
iec-60870-5-104-base |
ike |
imap |
ip-messenger-base |
ipsec-esp-udp |
ipv6 |
irc-base |
jabber |
jumpdesktop |
kugoo |
laconica |
ldap |
league-of-legends |
lifesize |
llmnr |
logmein |
lpd |
lwapp |
m3ua |
mail.ru-agent-base |
maplestory |
mgcp |
mms |
modbus-base |
modbus-encapsulated-transport |
modbus-mask-write-register |
modbus-read-coils |
modbus-read-file-record |
modbus-read-holding-registers |
modbus-read-input-registers |
modbus-read-write-register |
modbus-write-file-record |
modbus-write-single-coil |
mongodb |
ms-kms |
msn-file-transfer |
msn-voice |
msrpc-base |
mssql-db-base |
mssql-db-encrypted |
mssql-db-unencrypted |
mssql-mon |
net.tcp |
net2phone |
netbios-ns |
nfs |
nntp |
ntp |
open-vpn |
oracle |
oracle-bi |
paltalk-base |
pcanywhere-base |
pcanywhere-file-transfer |
pcanywhere-remote-control |
phproxy |
ping |
ping-tunnel |
playstation-network |
poct1-a |
popo-im |
pptp |
progress-openedge |
qik-base |
qq-download |
qqlive |
radius |
rdio |
realtunnel |
rediffbol-base |
rediffbol-file-transfer |
ringcentral |
rpc |
rstatd |
rtmp |
rtmpt |
rtsp |
rusers |
sccp |
sctp |
security-kiss |
share-p2p |
siemens-s7-base |
siemens-s7-check-password-set |
siemens-s7-read |
siemens-s7-setup-communication |
siemens-s7-start |
siemens-s7-status-controller |
siemens-s7-stop |
silverlight |
simplify |
sina-uc-base |
sina-uc-file-transfer |
sip |
sip-trunk |
sipcli |
sipviaheader-nat |
skype-probe |
smtp |
snmp-base |
snmp-trap |
socks |
softros-messenger-base |
softros-messenger-file-transfer |
splashtop-remote |
spotify |
ssh |
ssl |
steganos-vpn |
stun |
subspace |
swiftmq |
sybase |
t.120 |
tales-runner |
teamviewer-base |
telnet |
tftp |
time |
unistim |
unknown-tcp |
viber-base |
viber-voice |
vidsoft |
vnc-base |
vnc-clipboard |
vnc-encrypted |
vnc-filetransfer |
vnc-print |
websocket |
wechat-base |
weiyun-base |
xbox-live |
xunlei |
yahoo-im-base |
yoics |
ypserv |
yy-voice-base |
zelune |