google / capirca

Multi-platform ACL generation system
Apache License 2.0
778 stars 209 forks source link

Define and document behavior for pan-application usage. #290

Closed kevinsteves closed 2 years ago

kevinsteves commented 2 years ago

pan-application:: paloalto target only. Specify applications for the security policy which can be predefined applications (https://applipedia.paloaltonetworks.com/) and custom application objects.

Security Policy Service Setting

When no protocol is specified in the term, the service will be
application-default.

When protocol is tcp or udp, and no source-port or
destination-port is specified, the service will be custom service
objects for the protocols and all ports (0-65535).

When protocol is tcp or udp, and a source-port or destination-port
is specified, the service will be custom service objects for the
protocols and ports.

pan-application can only be used when no protocol is specified in
the term, or the protocols tcp and udp.