›

WatchGuard Firebox

版本	1.0.2 (查看全部)
兼容的 Kibana 版本	8.13.0 或更高版本
支持的无服务器项目类型这是什么？	安全性可观测性
订阅级别这是什么？	基本
支持级别这是什么？	Elastic

WatchGuard Firebox 是一种提供网络安全功能的防火墙设备。Firebox 是一种功能强大的网络安全设备，可控制外部网络和受信任网络之间的所有流量。Fireware OS 是在 Firebox 上运行的软件。Fireware 包括一个 Web UI，让您可以轻松管理和监控网络中的每个 Firebox。

数据流

编辑

此集成通过 UDP 输入支持从 WatchGuard Firebox 摄取日志。

日志用于检索 Firebox 生成的日志消息。有关更多详细信息，请参阅此处的文档。

要求

编辑

必须安装 Elastic Agent。有关更多信息，请参阅此处的链接。

安装和管理 Elastic Agent

编辑

您有几种安装和管理 Elastic Agent 的选项

安装 Fleet 管理的 Elastic Agent（推荐）

编辑

使用此方法，您可以安装 Elastic Agent 并使用 Kibana 中的 Fleet 在中心位置定义、配置和管理您的代理。我们建议使用 Fleet 管理，因为它使您的代理的管理和升级变得更加容易。

以独立模式安装 Elastic Agent（高级用户）

编辑

使用此方法，您可以安装 Elastic Agent 并在安装它的系统上本地手动配置代理。您负责管理和升级代理。此方法仅保留给高级用户。

在容器化环境中安装 Elastic Agent

编辑

您可以在容器内部运行 Elastic Agent，无论是使用 Fleet Server 还是独立运行。所有版本的 Elastic Agent 的 Docker 镜像均可从 Elastic Docker 注册表中获得，并且我们提供了在 Kubernetes 上运行的部署清单。

运行 Elastic Agent 有一些最低要求，有关更多信息，请参阅此处的链接。

最低要求的 Kibana 版本 是 8.13.0。

此模块已针对 Fireware v12.10.3 进行了测试。

设置

编辑

按照设置指南将 Firebox 日志消息转发到 syslog 服务器。

在 Elastic 中启用集成

编辑

在 Kibana 中，转到“管理”>“集成”。
在“搜索集成”搜索栏中，键入 WatchGuard Firebox。
从搜索结果中单击“WatchGuard Firebox”集成。
单击“添加 WatchGuard Firebox”按钮以添加集成。
根据启用的输入类型，添加所有必需的集成配置参数。
单击“保存并继续”以保存集成。

日志参考

编辑

日志

编辑

这是 Log 数据集。

示例

log 的示例事件如下所示

{
    "@timestamp": "2024-01-16T15:19:05.000Z",
    "agent": {
        "ephemeral_id": "5a9738b6-025a-4df4-861e-1cc1eea5c622",
        "id": "7aaba523-565c-4597-bc42-59135436336b",
        "name": "docker-fleet-agent",
        "type": "filebeat",
        "version": "8.13.0"
    },
    "data_stream": {
        "dataset": "watchguard_firebox.log",
        "namespace": "76887",
        "type": "logs"
    },
    "destination": {
        "bytes": 282,
        "geo": {
            "city_name": "Changchun",
            "continent_name": "Asia",
            "country_iso_code": "CN",
            "country_name": "China",
            "location": {
                "lat": 43.88,
                "lon": 125.3228
            },
            "region_iso_code": "CN-22",
            "region_name": "Jilin Sheng"
        },
        "ip": [
            "175.16.199.1"
        ],
        "port": [
            25
        ]
    },
    "ecs": {
        "version": "8.11.0"
    },
    "elastic_agent": {
        "id": "7aaba523-565c-4597-bc42-59135436336b",
        "snapshot": false,
        "version": "8.13.0"
    },
    "email": {
        "sender": {
            "address": "tester@testnet.com"
        },
        "to": {
            "address": [
                "wg@localhost"
            ]
        }
    },
    "event": {
        "agent_id_status": "verified",
        "category": [
            "email"
        ],
        "dataset": "watchguard_firebox.log",
        "ingested": "2024-08-07T05:26:04Z",
        "kind": "event",
        "original": "<139>Jan 16 15:19:05 WatchGuard-Firebox FVE6035FD3AE3 (2024-01-19T08:48:15) firewall: msg_id=\"1BFF-000F\" Allow 1-Trusted 0-External tcp 10.0.1.2 175.16.199.1 39398 25 msg=\"SMTP request\" proxy_act=\"SMTP-Outgoing.1\" rcvd_bytes=\"272\" sent_bytes=\"282\" sender=\"tester@testnet.com\" recipients=\"wg@localhost\" server_ssl=\"ECDHE-RSA-AES256-GCMSHA384\" client_ssl=\"AES128-SHA256\" tls_profile=\"TLS-Client.Standard\" (SMTP-proxy-00)",
        "outcome": "success",
        "timezone": "UTC",
        "type": [
            "info"
        ]
    },
    "input": {
        "type": "udp"
    },
    "log": {
        "source": {
            "address": "192.168.240.4:51247"
        },
        "syslog": {
            "appname": "firewall",
            "hostname": "WatchGuard-Firebox",
            "priority": 139
        }
    },
    "network": {
        "bytes": 554,
        "community_id": "1:jKtS0CPHMiYL+rYXXHskx9Y4Gig=",
        "transport": "tcp"
    },
    "observer": {
        "egress": {
            "interface": {
                "alias": "0-External"
            }
        },
        "hostname": "WatchGuard-Firebox",
        "ingress": {
            "interface": {
                "alias": "1-Trusted"
            }
        },
        "product": "Firebox",
        "serial_number": "FVE6035FD3AE3",
        "type": "firewall",
        "vendor": "WatchGuard"
    },
    "related": {
        "hosts": [
            "WatchGuard-Firebox"
        ],
        "ip": [
            "10.0.1.2",
            "175.16.199.1"
        ],
        "user": [
            "wg@localhost",
            "tester@testnet.com"
        ]
    },
    "rule": {
        "name": [
            "SMTP-proxy-00"
        ]
    },
    "source": {
        "bytes": 272,
        "ip": [
            "10.0.1.2"
        ],
        "port": [
            39398
        ]
    },
    "tags": [
        "preserve_original_event",
        "preserve_duplicate_custom_fields",
        "forwarded",
        "watchguard_firebox-log"
    ],
    "tls": {
        "client": {
            "supported_ciphers": [
                "AES128-SHA256"
            ]
        }
    },
    "watchguard_firebox": {
        "log": {
            "bytes_in": 272,
            "bytes_out": 282,
            "client_ssl": "AES128-SHA256",
            "destination_ip": "175.16.199.1",
            "destination_ip_geo": {
                "city_name": "Changchun",
                "continent_name": "Asia",
                "country_iso_code": "CN",
                "country_name": "China",
                "location": {
                    "lat": 43.88,
                    "lon": 125.3228
                },
                "region_iso_code": "CN-22",
                "region_name": "Jilin Sheng"
            },
            "destination_port": 25,
            "disposition": "Allow",
            "in_interface_name": "1-Trusted",
            "log_type": "traffic",
            "msg": "SMTP request",
            "msg_id": "1BFF-000F",
            "out_interface_name": "0-External",
            "policy_name": "SMTP-proxy-00",
            "proxy_act": "SMTP-Outgoing.1",
            "recipients": "wg@localhost",
            "sender": "tester@testnet.com",
            "serial_number": "FVE6035FD3AE3",
            "server_ssl": "ECDHE-RSA-AES256-GCMSHA384",
            "source_ip": "10.0.1.2",
            "source_port": 39398,
            "syslog_timestamp": "2024-01-16T15:19:05.000Z",
            "timestamp": "2024-01-19T08:48:15.000Z",
            "tls_profile": "TLS-Client.Standard",
            "transport": "tcp"
        }
    }
}

导出的字段

字段	描述	类型
@timestamp	事件时间戳。	日期
data_stream.dataset	数据流数据集。	constant_keyword
data_stream.namespace	数据流命名空间。	constant_keyword
data_stream.type	数据流类型。	constant_keyword
event.dataset	事件数据集。	constant_keyword
event.module	事件模块。	constant_keyword
input.type	filebeat 输入的类型。	keyword
log.offset	日志偏移量。	长整型
log.source.address	从中读取/发送日志事件的源地址。	keyword
watchguard_firebox.log.action		keyword
watchguard_firebox.log.action_name		keyword
watchguard_firebox.log.address		keyword
watchguard_firebox.log.app_beh_id		keyword
watchguard_firebox.log.app_beh_name		keyword
watchguard_firebox.log.app_cat_id		keyword
watchguard_firebox.log.app_cat_name		keyword
watchguard_firebox.log.app_control_disposition		keyword
watchguard_firebox.log.app_id		keyword
watchguard_firebox.log.app_name		keyword
watchguard_firebox.log.arg		keyword
watchguard_firebox.log.attachment		keyword
watchguard_firebox.log.authenticated_user		keyword
watchguard_firebox.log.authenticated_user_domain		keyword
watchguard_firebox.log.authentication_method		keyword
watchguard_firebox.log.authentication_server		keyword
watchguard_firebox.log.authentication_type		keyword
watchguard_firebox.log.beh_name		keyword
watchguard_firebox.log.blocked_site_limit		长整型
watchguard_firebox.log.bootup_time		日期
watchguard_firebox.log.bounce_ip		ip
watchguard_firebox.log.bytes		长整型
watchguard_firebox.log.bytes_in		长整型
watchguard_firebox.log.bytes_out		长整型
watchguard_firebox.log.call_from		ip
watchguard_firebox.log.call_to		ip
watchguard_firebox.log.category_name		keyword
watchguard_firebox.log.cats		keyword
watchguard_firebox.log.certificate_id		keyword
watchguard_firebox.log.certificate_issuer		keyword
watchguard_firebox.log.certificate_subject		keyword
watchguard_firebox.log.certificate_type		keyword
watchguard_firebox.log.client_name		keyword
watchguard_firebox.log.client_ssl		keyword
watchguard_firebox.log.cluster_id		keyword
watchguard_firebox.log.cluster_role		keyword
watchguard_firebox.log.cn		keyword
watchguard_firebox.log.codec		keyword
watchguard_firebox.log.command		keyword
watchguard_firebox.log.content		keyword
watchguard_firebox.log.content_inspection		keyword
watchguard_firebox.log.content_source		keyword
watchguard_firebox.log.content_type		keyword
watchguard_firebox.log.ctl_dst_ip		ip
watchguard_firebox.log.ctl_dst_port		长整型
watchguard_firebox.log.ctl_src_ip		ip
watchguard_firebox.log.ctl_src_port		长整型
watchguard_firebox.log.current_ca_certificate_version		keyword
watchguard_firebox.log.current_connection		长整型
watchguard_firebox.log.current_session		长整型
watchguard_firebox.log.data		keyword
watchguard_firebox.log.destination_device		keyword
watchguard_firebox.log.destination_ip		ip
watchguard_firebox.log.destination_ip_geo.city_name		keyword
watchguard_firebox.log.destination_ip_geo.continent_name		keyword
watchguard_firebox.log.destination_ip_geo.country_iso_code		keyword
watchguard_firebox.log.destination_ip_geo.country_name		keyword
watchguard_firebox.log.destination_ip_geo.location		geo_point
watchguard_firebox.log.destination_ip_geo.region_iso_code		keyword
watchguard_firebox.log.destination_ip_geo.region_name		keyword
watchguard_firebox.log.destination_name		keyword
watchguard_firebox.log.destination_port		长整型
watchguard_firebox.log.destination_user		keyword
watchguard_firebox.log.destination_user_domain		keyword
watchguard_firebox.log.details		keyword
watchguard_firebox.log.dev_name		keyword
watchguard_firebox.log.device		keyword
watchguard_firebox.log.device_id		keyword
watchguard_firebox.log.disposition		keyword
watchguard_firebox.log.dlp_rule		keyword
watchguard_firebox.log.dlp_sensor		keyword
watchguard_firebox.log.dns_ip_address		ip
watchguard_firebox.log.dns_question		keyword
watchguard_firebox.log.domain		keyword
watchguard_firebox.log.duration		长整型
watchguard_firebox.log.elapsed_time		keyword
watchguard_firebox.log.email_length		长整型
watchguard_firebox.log.encoding		keyword
watchguard_firebox.log.encoding_type		keyword
watchguard_firebox.log.error		keyword
watchguard_firebox.log.exception_rule		keyword
watchguard_firebox.log.exchange_role		keyword
watchguard_firebox.log.exchange_type		keyword
watchguard_firebox.log.expected		keyword
watchguard_firebox.log.expected_interface		keyword
watchguard_firebox.log.expected_ip		ip
watchguard_firebox.log.expected_protocol		keyword
watchguard_firebox.log.expected_value		长整型
watchguard_firebox.log.failure_count		长整型
watchguard_firebox.log.feature_expiration_date		日期
watchguard_firebox.log.feature_key		keyword
watchguard_firebox.log.feature_name		keyword
watchguard_firebox.log.file_name		keyword
watchguard_firebox.log.flags		keyword
watchguard_firebox.log.from		keyword
watchguard_firebox.log.from_header		keyword
watchguard_firebox.log.gateway		keyword
watchguard_firebox.log.gateway_endpoint		keyword
watchguard_firebox.log.geo_destination		keyword
watchguard_firebox.log.group_name		keyword
watchguard_firebox.log.header		keyword
watchguard_firebox.log.headers_size		长整型
watchguard_firebox.log.host_dest_domain		keyword
watchguard_firebox.log.host_dest_ip		ip
watchguard_firebox.log.hostname		keyword
watchguard_firebox.log.http_status		长整型
watchguard_firebox.log.http_version		keyword
watchguard_firebox.log.ikev2_ikesa_state		keyword
watchguard_firebox.log.image_source		keyword
watchguard_firebox.log.in_interface_name		keyword
watchguard_firebox.log.in_spi		keyword
watchguard_firebox.log.info_msg		keyword
watchguard_firebox.log.inspect_action		keyword
watchguard_firebox.log.interface_id		keyword
watchguard_firebox.log.interface_name		keyword
watchguard_firebox.log.ip_address		ip
watchguard_firebox.log.ip_packet_length		长整型
watchguard_firebox.log.iph_length		长整型
watchguard_firebox.log.keyword		keyword
watchguard_firebox.log.length		长整型
watchguard_firebox.log.limit		长整型
watchguard_firebox.log.line		keyword
watchguard_firebox.log.line_length		长整型
watchguard_firebox.log.link		keyword
watchguard_firebox.log.link_state		keyword
watchguard_firebox.log.local		keyword
watchguard_firebox.log.local_address		ip
watchguard_firebox.log.local_address_port		长整型
watchguard_firebox.log.local_mask_ip		keyword
watchguard_firebox.log.lockout_type		keyword
watchguard_firebox.log.log_type		keyword
watchguard_firebox.log.logical		keyword
watchguard_firebox.log.mac		keyword
watchguard_firebox.log.mac_address		keyword
watchguard_firebox.log.mask		ip
watchguard_firebox.log.master_id		keyword
watchguard_firebox.log.max_user_connection		长整型
watchguard_firebox.log.mbx		keyword
watchguard_firebox.log.md5		keyword
watchguard_firebox.log.member_id		keyword
watchguard_firebox.log.member_info		keyword
watchguard_firebox.log.message		keyword
watchguard_firebox.log.method		keyword
watchguard_firebox.log.msg		keyword
watchguard_firebox.log.msg_id		keyword
watchguard_firebox.log.msg_info		keyword
watchguard_firebox.log.negotiation_ip		ip
watchguard_firebox.log.negotiation_mode		keyword
watchguard_firebox.log.negotiation_role		keyword
watchguard_firebox.log.new_action		keyword
watchguard_firebox.log.new_ca_certificate_version		keyword
watchguard_firebox.log.new_interface		keyword
watchguard_firebox.log.new_ip		ip
watchguard_firebox.log.new_ipv6		keyword
watchguard_firebox.log.new_mask		长整型
watchguard_firebox.log.new_policy_position		长整型
watchguard_firebox.log.new_system_time		keyword
watchguard_firebox.log.next_update_time		日期
watchguard_firebox.log.notification_gap_duration		长整型
watchguard_firebox.log.notify_msg		keyword
watchguard_firebox.log.num		长整型
watchguard_firebox.log.number_of_recipients		长整型
watchguard_firebox.log.object		keyword
watchguard_firebox.log.offset		长整型
watchguard_firebox.log.old_policy_position		长整型
watchguard_firebox.log.op		keyword
watchguard_firebox.log.operation		keyword
watchguard_firebox.log.out_interface_name		keyword
watchguard_firebox.log.out_spi		keyword
watchguard_firebox.log.p1_sa_id		keyword
watchguard_firebox.log.package_release_time		日期
watchguard_firebox.log.packets_count		长整型
watchguard_firebox.log.packets_in		长整型
watchguard_firebox.log.packets_out		长整型
watchguard_firebox.log.pad_error		keyword
watchguard_firebox.log.path		keyword
watchguard_firebox.log.pcy_name		keyword
watchguard_firebox.log.peer_address		ip
watchguard_firebox.log.peer_address_port		长整型
watchguard_firebox.log.physical_name		keyword
watchguard_firebox.log.policy_name		keyword
watchguard_firebox.log.pool_name		keyword
watchguard_firebox.log.port		长整型
watchguard_firebox.log.previous_interface		keyword
watchguard_firebox.log.previous_ip		ip
watchguard_firebox.log.previous_ipv6		keyword
watchguard_firebox.log.previous_mask		长整型
watchguard_firebox.log.previous_system_time		keyword
watchguard_firebox.log.probe_method		keyword
watchguard_firebox.log.property_name		keyword
watchguard_firebox.log.protocol		keyword
watchguard_firebox.log.protocol_flags		keyword
watchguard_firebox.log.proxy_act		keyword
watchguard_firebox.log.proxy_host		keyword
watchguard_firebox.log.proxy_type		keyword
watchguard_firebox.log.query_class		keyword
watchguard_firebox.log.query_opcode		keyword
watchguard_firebox.log.query_type		keyword
watchguard_firebox.log.quota_info		keyword
watchguard_firebox.log.real_ip_address		ip
watchguard_firebox.log.reason		keyword
watchguard_firebox.log.reboot_hour		长整型
watchguard_firebox.log.reboot_option		keyword
watchguard_firebox.log.reboot_second		长整型
watchguard_firebox.log.reboot_status		keyword
watchguard_firebox.log.received		keyword
watchguard_firebox.log.received_dh_group		长整型
watchguard_firebox.log.received_interface		keyword
watchguard_firebox.log.received_interface_index		keyword
watchguard_firebox.log.received_ip		ip
watchguard_firebox.log.received_message_id		keyword
watchguard_firebox.log.received_proto		keyword
watchguard_firebox.log.received_value		长整型
watchguard_firebox.log.recipients		keyword
watchguard_firebox.log.record_type		keyword
watchguard_firebox.log.redirect_action		keyword
watchguard_firebox.log.remote		keyword
watchguard_firebox.log.remote_mask_ip		keyword
watchguard_firebox.log.reply		keyword
watchguard_firebox.log.reply_ip		ip
watchguard_firebox.log.reply_protocol		keyword
watchguard_firebox.log.reply_time		日期
watchguard_firebox.log.reputation		长整型
watchguard_firebox.log.req_or_resp		keyword
watchguard_firebox.log.response		keyword
watchguard_firebox.log.response_code		长整型
watchguard_firebox.log.response_size		长整型
watchguard_firebox.log.restore_type		keyword
watchguard_firebox.log.result		keyword
watchguard_firebox.log.retry_count		长整型
watchguard_firebox.log.return_code		长整型
watchguard_firebox.log.role		keyword
watchguard_firebox.log.route_type		keyword
watchguard_firebox.log.rule_name		keyword
watchguard_firebox.log.ruleset_name		keyword
watchguard_firebox.log.sa_id		keyword
watchguard_firebox.log.scan_stage		keyword
watchguard_firebox.log.scan_type		keyword
watchguard_firebox.log.scheme		keyword
watchguard_firebox.log.selected_dh_group		长整型
watchguard_firebox.log.sender		keyword
watchguard_firebox.log.sequence_number		长整型
watchguard_firebox.log.serial_number		keyword
watchguard_firebox.log.server_ip		ip
watchguard_firebox.log.server_name		keyword
watchguard_firebox.log.server_ssl		keyword
watchguard_firebox.log.service		keyword
watchguard_firebox.log.session_id		keyword
watchguard_firebox.log.severity		长整型
watchguard_firebox.log.signature_category		keyword
watchguard_firebox.log.signature_id		keyword
watchguard_firebox.log.signature_name		keyword
watchguard_firebox.log.signature_version		keyword
watchguard_firebox.log.size		长整型
watchguard_firebox.log.sni		keyword
watchguard_firebox.log.software_version		keyword
watchguard_firebox.log.source_ip		ip
watchguard_firebox.log.source_ip_geo.city_name		keyword
watchguard_firebox.log.source_ip_geo.continent_name		keyword
watchguard_firebox.log.source_ip_geo.country_iso_code		keyword
watchguard_firebox.log.source_ip_geo.country_name		keyword
watchguard_firebox.log.source_ip_geo.location		geo_point
watchguard_firebox.log.source_ip_geo.region_iso_code		keyword
watchguard_firebox.log.source_ip_geo.region_name		keyword
watchguard_firebox.log.source_port		长整型
watchguard_firebox.log.source_user		keyword
watchguard_firebox.log.source_user_domain		keyword
watchguard_firebox.log.spi		keyword
watchguard_firebox.log.srv_ip		ip
watchguard_firebox.log.srv_port		长整型
watchguard_firebox.log.ssl_offload		keyword
watchguard_firebox.log.state		keyword
watchguard_firebox.log.static_ip		ip
watchguard_firebox.log.status		keyword
watchguard_firebox.log.subsystem		keyword
watchguard_firebox.log.syslog_timestamp		日期
watchguard_firebox.log.tag		keyword
watchguard_firebox.log.target		keyword
watchguard_firebox.log.task_uuid		keyword
watchguard_firebox.log.threat_level		keyword
watchguard_firebox.log.timeout		长整型
watchguard_firebox.log.timestamp		日期
watchguard_firebox.log.tls_profile		keyword
watchguard_firebox.log.tls_version		keyword
watchguard_firebox.log.to		keyword
watchguard_firebox.log.to_header		keyword
watchguard_firebox.log.tr_local		keyword
watchguard_firebox.log.tr_remote		keyword
watchguard_firebox.log.transport		keyword
watchguard_firebox.log.ttl		长整型
watchguard_firebox.log.tunnel_name		keyword
watchguard_firebox.log.tunnel_type		keyword
watchguard_firebox.log.ui_type		keyword
watchguard_firebox.log.unit		keyword
watchguard_firebox.log.unlocked_by		keyword
watchguard_firebox.log.update		keyword
watchguard_firebox.log.updated_role		keyword
watchguard_firebox.log.user_auth_protocol		keyword
watchguard_firebox.log.user_domain		keyword
watchguard_firebox.log.user_name		keyword
watchguard_firebox.log.user_response_time		日期
watchguard_firebox.log.user_type		keyword
watchguard_firebox.log.version		keyword
watchguard_firebox.log.version_number		keyword
watchguard_firebox.log.virtual_ip_address		ip
watchguard_firebox.log.virus		keyword
watchguard_firebox.log.vlan_id		keyword
watchguard_firebox.log.vpn_connection_type		keyword
watchguard_firebox.log.vpn_user_type		keyword
watchguard_firebox.log.wgrd_spam_id		keyword
watchguard_firebox.log.window_size		长整型

更新日志

编辑

更新日志

版本	详情	Kibana 版本
1.0.2	缺陷修复 (查看拉取请求) 改进流量日志中的键/值拆分。	8.13.0 或更高版本
1.0.1	增强 (查看拉取请求) 修复文档中的 URL。	8.13.0 或更高版本
1.0.0	增强 (查看拉取请求) 将软件包作为 GA 发布。	8.13.0 或更高版本
0.1.2	缺陷修复 (查看拉取请求) 添加可选的集群成员信息	—
0.1.1	缺陷修复 (查看拉取请求) 添加日期格式模式以解析 syslog 时间戳。	—
0.1.0	增强 (查看拉取请求) 首次发布。	—

« VMware vSphere 集成 WebSphere 应用服务器 »

On this page

数据流
要求
安装和管理 Elastic Agent
安装 Fleet 管理的 Elastic Agent（推荐）
以独立模式安装 Elastic Agent（高级用户）
在容器化环境中安装 Elastic Agent
设置
在 Elastic 中启用集成
日志参考
日志
更新日志

Was this helpful?

Feedback

The Search AI Company

ELK Stack

Elastic Cloud

Generative AI

Search

Security

Observability

By solution

Industries

Customer spotlight

Research

Build

Learn

Connect

WatchGuard Firebox