|
|
@@ -1,6 +1,6 @@
|
|
|
<?xml version="1.0" encoding="utf-8"?>
|
|
|
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
|
|
|
-<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1559915080" id="root">
|
|
|
+<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1573816369" id="root">
|
|
|
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
|
|
|
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
|
|
|
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
|
|
|
@@ -1148,6 +1148,7 @@
|
|
|
<Option name="verify_interfaces">true</Option>
|
|
|
</FirewallOptions>
|
|
|
</Firewall>
|
|
|
+ <AddressRange id="id6999X40322" name="DP Net LAN Linux Servers" comment="" ro="False" start_address="10.0.21.1" end_address="10.0.21.10"/>
|
|
|
</Library>
|
|
|
<Library id="id1592X15287" color="#d2ffd0" name="User" comment="" ro="False">
|
|
|
<ObjectGroup id="id1593X15287" name="Objects" comment="" ro="False">
|
|
|
@@ -1163,6 +1164,7 @@
|
|
|
<ObjectGroup id="id1599X15287" name="Networks" comment="" ro="False">
|
|
|
<Network id="id5791X15287" name="Deviproductions LAN" comment="" ro="False" address="10.0.21.0" netmask="255.255.255.0"/>
|
|
|
<Network id="id5820X15287" name="WLAN Network" comment="" ro="False" address="10.0.1.0" netmask="255.255.255.0"/>
|
|
|
+ <Network id="id6993X25763" name="DP LAN Linux Servers" comment="" ro="False" address="10.0.21.0" netmask="255.255.255.240"/>
|
|
|
</ObjectGroup>
|
|
|
<ObjectGroup id="id1600X15287" name="Address Ranges" comment="" ro="False"/>
|
|
|
</ObjectGroup>
|
|
|
@@ -1183,7 +1185,7 @@
|
|
|
<ServiceGroup id="id1609X15287" name="TagServices" comment="" ro="False"/>
|
|
|
</ServiceGroup>
|
|
|
<ObjectGroup id="id1610X15287" name="Firewalls" comment="" ro="False">
|
|
|
- <Firewall id="id2327X15287" host_OS="linux24" lastCompiled="1559914152" lastInstalled="1559914159" lastModified="1561722429" platform="iptables" name="archivo" comment="" ro="False">
|
|
|
+ <Firewall id="id2327X15287" host_OS="linux24" lastCompiled="1573816440" lastInstalled="1559914159" lastModified="1573816401" platform="iptables" name="archivo" comment="" ro="False">
|
|
|
<NAT id="id2331X15287" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
|
|
|
<NATRule id="id6818X40322" disabled="False" group="" position="0" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
@@ -1402,7 +1404,7 @@
|
|
|
<Option name="stateless">False</Option>
|
|
|
</PolicyRuleOptions>
|
|
|
</PolicyRule>
|
|
|
- <PolicyRule id="id6457X15287" disabled="False" group="Internal Network" log="True" position="9" action="Accept" direction="Both" comment="ntp and squid-deb-proxy for internal network">
|
|
|
+ <PolicyRule id="id6457X15287" disabled="False" group="Internal Network" log="True" position="9" action="Accept" direction="Both" comment="ntp for internal network">
|
|
|
<Src neg="False">
|
|
|
<ObjectRef ref="id5791X15287"/>
|
|
|
</Src>
|
|
|
@@ -1411,6 +1413,25 @@
|
|
|
</Dst>
|
|
|
<Srv neg="False">
|
|
|
<ServiceRef ref="udp-ntp"/>
|
|
|
+ </Srv>
|
|
|
+ <Itf neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </Itf>
|
|
|
+ <When neg="False">
|
|
|
+ <IntervalRef ref="sysid2"/>
|
|
|
+ </When>
|
|
|
+ <PolicyRuleOptions>
|
|
|
+ <Option name="pf_classify_str"/>
|
|
|
+ </PolicyRuleOptions>
|
|
|
+ </PolicyRule>
|
|
|
+ <PolicyRule id="id6905X40322" disabled="False" group="Internal Network" log="True" position="10" action="Accept" direction="Both" comment="squid-deb-proxy for linux servers">
|
|
|
+ <Src neg="False">
|
|
|
+ <ObjectRef ref="id6993X25763"/>
|
|
|
+ </Src>
|
|
|
+ <Dst neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </Dst>
|
|
|
+ <Srv neg="False">
|
|
|
<ServiceRef ref="id6840X15287"/>
|
|
|
</Srv>
|
|
|
<Itf neg="False">
|
|
|
@@ -1423,7 +1444,7 @@
|
|
|
<Option name="pf_classify_str"/>
|
|
|
</PolicyRuleOptions>
|
|
|
</PolicyRule>
|
|
|
- <PolicyRule id="id6456X15987" disabled="False" group="Internal Network" log="True" position="10" action="Accept" direction="Both" comment="">
|
|
|
+ <PolicyRule id="id6456X15987" disabled="False" group="Internal Network" log="True" position="11" action="Accept" direction="Both" comment="">
|
|
|
<Src neg="False">
|
|
|
<ObjectRef ref="id5791X15287"/>
|
|
|
</Src>
|
|
|
@@ -1443,7 +1464,7 @@
|
|
|
<Option name="stateless">False</Option>
|
|
|
</PolicyRuleOptions>
|
|
|
</PolicyRule>
|
|
|
- <PolicyRule id="id6426X15987" disabled="False" group="" log="False" position="11" action="Deny" direction="Both" comment="deny but don't log the various brodcasts">
|
|
|
+ <PolicyRule id="id6426X15987" disabled="False" group="" log="False" position="12" action="Deny" direction="Both" comment="deny but don't log the various brodcasts">
|
|
|
<Src neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</Src>
|
|
|
@@ -1465,7 +1486,7 @@
|
|
|
<Option name="stateless">True</Option>
|
|
|
</PolicyRuleOptions>
|
|
|
</PolicyRule>
|
|
|
- <PolicyRule id="id7245X15287" disabled="False" group="" log="True" position="12" action="Deny" direction="Both" comment="last deny">
|
|
|
+ <PolicyRule id="id7245X15287" disabled="False" group="" log="True" position="13" action="Deny" direction="Both" comment="last deny">
|
|
|
<Src neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</Src>
|
