HQ (active) target: default icmp-block-inversion: no interfaces: source

1. HQ (active)
2. target: default
3. icmp-block-inversion: no
4. interfaces:
5. sources: 195.x.xxx.xxx 90.xxx.xx.xxx 95.xx.xx.xx
6. services: ssh mysql telnet
7. ports:
8. protocols:
9. masquerade: no
10. forward-ports:
11. source-ports:
12. icmp-blocks:
13. rich rules:
14. rule family="ipv4" source address="195.x.xxx.xxx" service name="ssh" log prefix="SSH Access HQ" level="notice" accept
15. rule family="ipv4" source address="90.xxx.xx.xxx" service name="ssh" log prefix="SSH Access HQ" level="notice" accept
16. rule family="ipv4" source address="195.x.xxx.xxx" service name="ssh" log prefix="SSH Access xxxx" level="notice" accept
17.  
18. block
19. target: %%REJECT%%
20. icmp-block-inversion: no
21. interfaces:
22. sources:
23. services:
24. ports:
25. protocols:
26. masquerade: no
27. forward-ports:
28. source-ports:
29. icmp-blocks:
30. rich rules:
31.  
32.  
33. dmz
34. target: default
35. icmp-block-inversion: no
36. interfaces:
37. sources:
38. services: ssh
39. ports:
40. protocols:
41. masquerade: no
42. forward-ports:
43. source-ports:
44. icmp-blocks:
45. rich rules:
46.  
47.  
48. drop
49. target: DROP
50. icmp-block-inversion: no
51. interfaces:
52. sources:
53. services:
54. ports:
55. protocols:
56. masquerade: no
57. forward-ports:
58. source-ports:
59. icmp-blocks:
60. rich rules:
61.  
62.  
63. external
64. target: default
65. icmp-block-inversion: no
66. interfaces:
67. sources:
68. services: ssh
69. ports:
70. protocols:
71. masquerade: yes
72. forward-ports:
73. source-ports:
74. icmp-blocks:
75. rich rules:
76.  
77.  
78. home
79. target: default
80. icmp-block-inversion: no
81. interfaces:
82. sources:
83. services: ssh mdns samba-client dhcpv6-client
84. ports:
85. protocols:
86. masquerade: no
87. forward-ports:
88. source-ports:
89. icmp-blocks:
90. rich rules:
91.  
92.  
93. internal
94. target: default
95. icmp-block-inversion: no
96. interfaces:
97. sources:
98. services: ssh mdns samba-client dhcpv6-client
99. ports:
100. protocols:
101. masquerade: no
102. forward-ports:
103. source-ports:
104. icmp-blocks:
105. rich rules:
106.  
107.  
108. public
109. target: default
110. icmp-block-inversion: no
111. interfaces:
112. sources:
113. services: https http
114. ports:
115. protocols:
116. masquerade: no
117. forward-ports:
118. source-ports:
119. icmp-blocks:
120. rich rules:
121.  
122.  
123. homeusers (active)
124. target: default
125. icmp-block-inversion: no
126. interfaces:
127. sources: 92.xxx.xxx.xxx 31.xxx.xxx.xxx 82.xx.xxx.xxx
128. services: ssh mysql telnet
129. ports:
130. protocols:
131. masquerade: no
132. forward-ports:
133. source-ports:
134. icmp-blocks:
135. rich rules:
136. rule family="ipv4" source address="95.xx.xx.xx" service name="ssh" log prefix="SSH Access HQ" level="notice" accept
137. rule family="ipv4" source address="92.xxx.xxx.xxx" service name="ssh" log prefix="SSH Access xxxxxxx" level="notice" accept
138. rule family="ipv4" source address="31.xxx.xxx.xxx" service name="ssh" log prefix="SSH Access xwxwxw" level="notice" accept
139.  
140. trusted (active)
141. target: default
142. icmp-block-inversion: no
143. interfaces:
144. sources: 127.0.0.1 19x.xxx.xxx.xxx
145. services: mysql
146. ports:
147. protocols:
148. masquerade: no
149. forward-ports:
150. source-ports:
151. icmp-blocks:
152. rich rules:
153.  
154.  
155. work
156. target: default
157. icmp-block-inversion: no
158. interfaces:
159. sources:
160. services: ssh dhcpv6-client
161. ports:
162. protocols:
163. masquerade: no
164. forward-ports:
165. source-ports:
166. icmp-blocks:
167. rich rules: