Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##############################################################################
- # Variables definition
- ##############################################################################
- # Change data below according to your network
- IPTABLES="`type -p iptables`"
- LO_IFACE="lo"
- LO_NET="127.0.0.0/255.0.0.0"
- # Note: if you don't have one of the interfaces, leave it blank.
- # Example: EXT_IFACE=""
- # Example:
- # EXT_IFACE="eth0"
- # EXT_IP="200.xxx.10.1"
- # EXT_NET="200.xxx.10.0/24"
- # EXT_BRO="200.xxx.10.255"
- # For connections with dynamic IP, fill out only the interface.
- # Example:
- # EXT_IFACE="ppp0"
- #VELOX:
- EXT_IFACE="ppp0"
- EXT_IP=""
- EXT_NET=""
- EXT_BRO=""
- # INTRANET:
- INT_IFACE="eth1"
- INT_IP="192.168.1.1"
- INT_NET="192.168.1.0/24"
- INT_BRO="192.168.1.255"
- # DMZ: FASTNET 07/02/2011
- DMZ_IFACE="eth0"
- DMZ_IP="186.227.72.65"
- DMZ_NET="186.227.72.32/29"
- DMZ_BRO="186.227.72.39"
- # OpenVPN VPN
- # Example:
- # OpenVPN_IFACE="tun+"
- # OpenVPN_IP="0/0"
- OpenVPN_IFACE=""
- OpenVPN_IP=""
- OpenVPN_PORT=""
- OpenVPN_PROTO=""
- # IP address used for DMZ.
- # SERVERS:
- IP_DNS1="192.168.0.2"
- IP_DNS2="192.168.0.3"
- IP_WWW1="192.168.0.4"
- IP_SMTP="192.168.0.5"
- # IP address used for NAT.
- # To enable or disable NAT, change the variable below to:
- # '0' disabled.
- # '1' POSTROUTING only.
- # '2' POSTROUTING and PREROUTING.
- # '3' PREROUTING only.
- # NAT:
- NAT="2"
- IP_DNS1_NAT="192.0.2.2"
- IP_DNS2_NAT="192.0.2.3"
- IP_WWW1_NAT="192.0.2.4"
- IP_SMTP_NAT="192.0.2.5"
- # Remote IP used for remote admin
- # INPUT rule uses RMT_ADMIN_IP on file 'tf_INPUT.mod'
- # Network administrator IP
- # The same rules aply to this variable as explained above (RMT_ADMIN_IP)
- # ADMINS:
- RMT_ADMIN_IP=""
- ADMIN_IP="192.168.1.60"
- # BROADCAST
- BRO_ADDR="255.255.255.255"
- # IANA RESERVED NETs
- # ftp://ftp.rfc-editor.org/in-notes/rfc3330.txt
- RESERVED_NET="0.0.0.0/7 2.0.0.0/8 5.0.0.0/8 7.0.0.0/8 10.0.0.0/8 \
- 23.0.0.0/8 27.0.0.0/8 31.0.0.0/8 36.0.0.0/7 39.0.0.0/8 \
- 42.0.0.0/8 77.0.0.0/8 78.0.0.0/7 92.0.0.0/6 96.0.0.0/4 \
- 112.0.0.0/5 120.0.0.0/6 127.0.0.0/8 169.254.0.0/16 \
- 172.16.0.0/12 173.0.0.0/8 174.0.0.0/7 176.0.0.0/5 \
- 197.0.0.0/8 \
- 223.0.0.0/8 240.0.0.0/4"
- # Snort_Inline Support
- # TARGET="ACCEPT" - disable snort_inline support
- # TARGET="QUEUE" - enable snort_inline support
- TARGET="ACCEPT"
- # QoS Configuration
- # USE_QoS options: path of htb.init or cbq.init
- # USE_QoS="/usr/sbin/htb.init"
- USE_QoS=""
- # PROXY_PORT="" - proxy disabled
- # PROXY_PORT="3128" - proxy enabled at 3128 port
- PROXY_PORT=""
- # Transparent Proxy:
- # 0 - disable
- # 1 - enable
- PROXY_T="0"
- # Are you using modular kernel?
- # 0 - no
- # 1 - yes
- KERN_MOD="1"
- # TuxFrw permits integration with PigMeat/PigMeet. If you want TuxFrw blocking
- # the IPs blocked by PigMeat/PigMeet, use the variable below.
- # Examples:
- # PIGMEAT="/var/log/pigmeat/hosts.blocked"
- # PIGMEAT="/usr/local/pigserverd/run/blocked"
- PIGMEAT=""
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement