Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Shorewall
- #############################################################################################################
- #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/
- # PORT PORT(S) DEST LIMIT GROUP
- # PORT PORT(S) DEST LIMIT GROUP
- #
- # Accept DNS connections from the firewall to the network
- #
- DNS/ACCEPT $FW net
- DNS/ACCEPT loc $FW
- DNS/ACCEPT loc net
- #
- # Accept SSH connections from the local network for administration
- #
- SSH/ACCEPT all $FW
- SSH/ACCEPT $FW all
- ACCEPT vpn all
- ACCEPT all vpn
- #
- # Allow Ping from the local network
- #
- Ping/ACCEPT loc $FW
- Ping/ACCEPT net $FW
- Ping/ACCEPT loc net
- Ping/ACCEPT $FW all
- #ACCEPT $FW loc icmp
- ACCEPT $FW net icmp
- #
- ACCEPT loc $FW udp
- ACCEPT $FW loc udp
- ACCEPT net $FW tcp 80
- #ACCEPT net:194.105.227.102 $FW tcp 80
- ACCEPT loc net:10.10.21.225 all
- #Tel-Log
- ACCEPT:info loc net tcp 3553
- #Remote tenging inn
- # Marorka
- DNAT net loc:192.168.1.230 tcp 3389
- ACCEPT loc:192.168.1.230 net tcp 80
- # RDP gw ut
- ACCEPT loc net tcp 3389
- ACCEPT loc:192.168.1.176 net tcp 443
- #Sailor ACU
- #DNAT net net:192.168.100.2:80 tcp 443
- ACCEPT net:10.10.12.247 $FW all
- # vef
- ACCEPT $FW loc tcp 80
- #myndavelar securitas
- DNAT net loc:192.168.1.200 tcp 80
- DNAT net loc:192.168.1.201 tcp 9001
- DNAT net loc:192.168.1.202 tcp 9002
- DNAT net loc:192.168.1.203 tcp 9003
- DNAT net loc:192.168.1.204 tcp 9004
- DNAT net loc:192.168.1.205 tcp 9005
- DNAT net loc:192.168.1.206 tcp 9006
- DNAT net loc:192.168.1.207 tcp 9007
- #ACCEPT net $FW tcp 9001
- # temp access
- ACCEPT loc:192.168.1.100 net all
- #Proxy
- ACCEPT loc $FW tcp 3128
- # email
- ACCEPT loc net tcp 465
- ACCEPT loc net tcp 995
- ACCEPT loc net tcp 587
- ACCEPT loc net tcp 993
- #FTP/NTP/TFTP
- #FTP/ACCEPT loc $FW
- NTP/ACCEPT loc $FW
- #ACCEPT loc $FW udp 69
- # Add the following to stop a rouge machine on the local network from
- # connecting to this machine!
- #DROP loc:192.168.70.104 $FW tcp - -
- DROP loc:192.168.1.177 net:8.254.194.46 tcp - -
- DROP loc:192.168.1.177 net:8.254.54.254 tcp - -
- #Maxsea
- ACCEPT loc:192.168.1.56 net all
- # fix fyrir update
- ACCEPT loc:192.168.1.112 net all
- ACCEPT loc:192.168.1.105 net all
- # Trend Micro
- ACCEPT loc net tcp 62777
- # verkbokhald EB
- ACCEPT loc net:212.30.252.101 tcp 8080
- #Full access network (DREAMBOX druslur)
- ACCEPT loc:192.168.1.170 net all
- ACCEPT loc:192.168.1.171 net all
- ACCEPT loc:192.168.1.172 net all
- ACCEPT loc:192.168.1.173 net all
- ACCEPT loc:192.168.1.174 net all
- ACCEPT loc:192.168.1.175 net all
- ACCEPT loc:192.168.1.176 net all
- #temp lokun 18.juli
- #ACCEPT loc:192.168.1.177 net all
- ACCEPT loc:192.168.1.178 net all
- ACCEPT loc:192.168.1.179 net all
- # Mariconnect 178.19.53.5
- #ACCEPT loc:192.168.1.229 net tcp 22
- #DNAT net:178.19.53.5 loc:192.168.1.229:22 tcp 2222
- #DNAT net loc:192.168.1.229:22 tcp 2222
- #Optimar
- #ACCEPT loc:192.168.1.180 net all
- # CatSat vedurgogn
- ACCEPT loc net:62.193.60.36 all
- ACCEPT loc:192.168.1.40 net all
- #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement