// © Broadcom. All Rights Reserved.
// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
// SPDX-License-Identifier: Apache-2.0

package esx

import "github.com/vmware/govmomi/vim25/types"

// HostFirewallInfo is the default template for the HostSystem config.firewall property.
//
// Capture method:
//
//	govc object.collect -s -dump HostSystem:ha-host config.firewall
//
// The literal is a snapshot of one host's firewall state. Fields the capture
// left at their zero value (DynamicData, EndPort: 0, Service: "", nil
// IpAddress/IpNetwork) are omitted; Required and Enabled stay explicit on
// every ruleset because they are the values a reader checks first.
//
// Reading the data: the default policy blocks incoming and outgoing traffic,
// and the rulesets below are the exceptions to it. Every ruleset carries
// AllowedHosts with AllIp set and no address or network list, so none of them
// is restricted by source address. Treat the values as captured defaults, not
// as a hardening baseline.
//
// HostFirewallInfo is a package-level variable. A shallow copy of it shares
// the Ruleset backing array and each AllowedHosts pointer, so make a deep copy
// before changing a ruleset.
var HostFirewallInfo = types.HostFirewallInfo{
	DefaultPolicy: types.HostFirewallDefaultPolicy{
		IncomingBlocked: types.NewBool(true),
		OutgoingBlocked: types.NewBool(true),
	},
	Ruleset: []types.HostFirewallRuleset{
		// Inbound CIM on port 5988; enabled in the capture next to the
		// 5989 "CIM Secure Server" ruleset.
		{
			Key:      "CIMHttpServer",
			Label:    "CIM Server",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 5988, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Service:      "sfcbd-watchdog",
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "CIMHttpsServer",
			Label:    "CIM Secure Server",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 5989, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Service:      "sfcbd-watchdog",
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Port 427 in both directions over udp and tcp; enabled in the capture.
		{
			Key:      "CIMSLP",
			Label:    "CIM SLP",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 427, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 427, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 427, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 427, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "DHCPv6",
			Label:    "DHCPv6",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 547, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 546, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 547, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 546, Direction: "inbound", PortType: "dst", Protocol: "udp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "DVFilter",
			Label:    "DVFilter",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 2222, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "DVSSync",
			Label:    "DVSSync",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 8302, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 8301, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 8301, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 8302, Direction: "inbound", PortType: "dst", Protocol: "udp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "HBR",
			Label:    "HBR",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 31031, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 44046, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "NFC",
			Label:    "NFC",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 902, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 902, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "WOL",
			Label:    "WOL",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 9, Direction: "outbound", PortType: "dst", Protocol: "udp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Twelve outbound rules plus one inbound rule (tcp 2020); disabled
		// in the capture.
		{
			Key:      "activeDirectoryAll",
			Label:    "Active Directory All",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 88, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 88, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 123, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 137, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 139, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 389, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 389, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 445, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 464, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 464, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 3268, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 7476, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 2020, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "cmmds",
			Label:    "Virtual SAN Clustering Service",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 12345, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 23451, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 12345, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 23451, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 12321, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 12321, Direction: "outbound", PortType: "dst", Protocol: "udp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// The outbound rule matches on source port 68 (PortType "src").
		{
			Key:      "dhcp",
			Label:    "DHCP Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 68, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 68, Direction: "outbound", PortType: "src", Protocol: "udp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "dns",
			Label:    "DNS Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 53, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 53, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 53, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "esxupdate",
			Label:    "esxupdate",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 443, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "faultTolerance",
			Label:    "Fault Tolerance",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 80, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 8300, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 8300, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// The inbound rule matches on source port 20 (PortType "src").
		{
			Key:      "ftpClient",
			Label:    "FTP Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 21, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 20, Direction: "inbound", PortType: "src", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Two wide inbound ranges (1000-9999 and 50000-50999); disabled in
		// the capture.
		{
			Key:      "gdbserver",
			Label:    "gdbserver",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 1000, EndPort: 9999, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 50000, EndPort: 50999, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "httpClient",
			Label:    "httpClient",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 80, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 443, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "iSCSI",
			Label:    "Software iSCSI Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 3260, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "iofiltervp",
			Label:    "iofiltervp",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 9080, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "ipfam",
			Label:    "NSX Distributed Logical Router Service",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 6999, Direction: "inbound", PortType: "dst", Protocol: "udp"},
				{Port: 6999, Direction: "outbound", PortType: "dst", Protocol: "udp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Port 0 with EndPort 65535: the whole tcp port range, outbound.
		{
			Key:      "nfs41Client",
			Label:    "nfs41Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 0, EndPort: 65535, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Port 0 with EndPort 65535: the whole tcp port range, outbound.
		{
			Key:      "nfsClient",
			Label:    "NFS Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 0, EndPort: 65535, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "ntpClient",
			Label:    "NTP Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 123, Direction: "outbound", PortType: "dst", Protocol: "udp"},
			},
			Service:      "ntpd",
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "pvrdma",
			Label:    "pvrdma",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 28250, EndPort: 28761, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 28250, EndPort: 28761, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "rabbitmqproxy",
			Label:    "rabbitmqproxy",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 5671, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "rdt",
			Label:    "Virtual SAN Transport",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 2233, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 2233, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Any outbound tcp port, plus inbound 23 and inbound 1024-65535;
		// disabled in the capture.
		{
			Key:      "remoteSerialPort",
			Label:    "VM serial port connected over network",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 0, EndPort: 65535, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 23, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 1024, EndPort: 65535, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Inbound udp 161; enabled in the capture.
		{
			Key:      "snmp",
			Label:    "SNMP Server",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 161, Direction: "inbound", PortType: "dst", Protocol: "udp"},
			},
			Service:      "snmpd",
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "sshClient",
			Label:    "SSH Client",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 22, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// One of the two rulesets marked Required (the other is vSphereClient).
		{
			Key:      "sshServer",
			Label:    "SSH Server",
			Required: true,
			Rule: []types.HostFirewallRule{
				{Port: 22, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "syslog",
			Label:    "syslog",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 514, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 514, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 1514, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "updateManager",
			Label:    "vCenter Update Manager",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 80, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
				{Port: 9000, EndPort: 9100, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "vMotion",
			Label:    "vMotion",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 8000, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 8000, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Port 0 with EndPort 65535: the whole tcp port range, outbound.
		{
			Key:      "vSPC",
			Label:    "VM serial port connected to vSPC",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 0, EndPort: 65535, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// One of the two rulesets marked Required (the other is sshServer).
		{
			Key:      "vSphereClient",
			Label:    "vSphere Web Client",
			Required: true,
			Rule: []types.HostFirewallRule{
				{Port: 902, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 443, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "vpxHeartbeats",
			Label:    "VMware vCenter Agent",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 902, Direction: "outbound", PortType: "dst", Protocol: "udp"},
			},
			Service:      "vpxa",
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Port 0 with EndPort 65535: the whole tcp port range, outbound.
		{
			Key:      "vsanEncryption",
			Label:    "vsanEncryption",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 0, EndPort: 65535, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "vsanhealth-multicasttest",
			Label:    "vsanhealth-multicasttest",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 5001, Direction: "outbound", PortType: "dst", Protocol: "udp"},
				{Port: 5001, Direction: "inbound", PortType: "dst", Protocol: "udp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		{
			Key:      "vsanvp",
			Label:    "vsanvp",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 8080, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
				{Port: 8080, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Port 0 with EndPort 65535: the whole tcp port range, outbound.
		{
			Key:      "vvold",
			Label:    "vvold",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 0, EndPort: 65535, Direction: "outbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      false,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
		// Inbound tcp 80; enabled in the capture.
		{
			Key:      "webAccess",
			Label:    "vSphere Web Access",
			Required: false,
			Rule: []types.HostFirewallRule{
				{Port: 80, Direction: "inbound", PortType: "dst", Protocol: "tcp"},
			},
			Enabled:      true,
			AllowedHosts: &types.HostFirewallRulesetIpList{AllIp: true},
		},
	},
}