|
|
@@ -1,6 +1,6 @@
|
|
|
<?xml version="1.0" encoding="utf-8"?>
|
|
|
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
|
|
|
-<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1711107649" id="root">
|
|
|
+<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1715940206" id="root">
|
|
|
<Library id="syslib000" color="#0a0f1f" name="Standard" comment="Standard objects" ro="True">
|
|
|
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
|
|
|
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
|
|
|
@@ -495,7 +495,7 @@
|
|
|
</IntervalGroup>
|
|
|
</Library>
|
|
|
<Library id="sysid99" name="Deleted Objects" comment="" ro="False"/>
|
|
|
- <Library id="id1592X15287" color="#2b3db4" name="User" comment="" ro="False">
|
|
|
+ <Library id="id1592X15287" color="#c9ceee" name="User" comment="" ro="False">
|
|
|
<ObjectGroup id="id1593X15287" name="Objects" comment="" ro="False">
|
|
|
<ObjectGroup id="id1594X15287" name="Addresses" comment="" ro="False">
|
|
|
<IPv4 id="id6067X15287" name="Internet Prodcast" comment="" ro="False" address="10.0.1.255" netmask="0.0.0.0"/>
|
|
|
@@ -524,6 +524,8 @@
|
|
|
<TCPService id="id6468X15987" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="Bareos" comment="" ro="False" src_range_start="0" src_range_end="0" dst_range_start="9100" dst_range_end="9105"/>
|
|
|
<TCPService id="id7581X24684" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="FTP Passive Ports" comment="" ro="False" src_range_start="0" src_range_end="0" dst_range_start="11000" dst_range_end="11500"/>
|
|
|
<TCPService id="id7151X5485" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="iperf3" comment="" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5201" dst_range_end="5201"/>
|
|
|
+ <TCPService id="id5492X21904" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="Davinci Chat" comment="" ro="False" src_range_start="0" src_range_end="0" dst_range_start="50059" dst_range_end="50059"/>
|
|
|
+ <TCPService id="id5530X21904" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="Davinci Server Control" comment="" ro="False" src_range_start="0" src_range_end="0" dst_range_start="8543" dst_range_end="8543"/>
|
|
|
</ServiceGroup>
|
|
|
<ServiceGroup id="id1606X15287" name="UDP" comment="" ro="False"/>
|
|
|
<ServiceGroup id="id1607X15287" name="Users" comment="" ro="False"/>
|
|
|
@@ -531,7 +533,7 @@
|
|
|
<ServiceGroup id="id1609X15287" name="TagServices" comment="" ro="False"/>
|
|
|
</ServiceGroup>
|
|
|
<ObjectGroup id="id1610X15287" name="Firewalls" comment="" ro="False">
|
|
|
- <Firewall id="id2327X15287" host_OS="linux24" lastCompiled="1711107734" lastInstalled="1711107740" lastModified="1711107729" platform="iptables" name="archivo" comment="" ro="False">
|
|
|
+ <Firewall id="id2327X15287" host_OS="linux24" lastCompiled="1715940294" lastInstalled="1715940306" lastModified="1715940283" platform="iptables" name="archivo" comment="" ro="False">
|
|
|
<NAT id="id2331X15287" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
|
|
|
<NATRule id="id6818X40322" disabled="False" group="" position="0" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
@@ -830,7 +832,29 @@
|
|
|
<Option name="stateless">False</Option>
|
|
|
</PolicyRuleOptions>
|
|
|
</PolicyRule>
|
|
|
- <PolicyRule id="id6426X15987" disabled="False" group="" log="False" position="13" action="Deny" direction="Both" comment="deny but don't log the various brodcasts">
|
|
|
+ <PolicyRule id="id5416X21904" disabled="False" group="Internal Network" log="True" position="13" action="Accept" direction="Both" comment="Davinci Resolve Server Ports.">
|
|
|
+ <Src neg="False">
|
|
|
+ <ObjectRef ref="id5791X15287"/>
|
|
|
+ </Src>
|
|
|
+ <Dst neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </Dst>
|
|
|
+ <Srv neg="False">
|
|
|
+ <ServiceRef ref="id3B4FF0EA"/>
|
|
|
+ <ServiceRef ref="id5492X21904"/>
|
|
|
+ <ServiceRef ref="id5530X21904"/>
|
|
|
+ </Srv>
|
|
|
+ <Itf neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </Itf>
|
|
|
+ <When neg="False">
|
|
|
+ <IntervalRef ref="sysid2"/>
|
|
|
+ </When>
|
|
|
+ <PolicyRuleOptions>
|
|
|
+ <Option name="stateless">False</Option>
|
|
|
+ </PolicyRuleOptions>
|
|
|
+ </PolicyRule>
|
|
|
+ <PolicyRule id="id6426X15987" disabled="False" group="" log="False" position="14" action="Deny" direction="Both" comment="deny but don't log the various brodcasts">
|
|
|
<Src neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</Src>
|
|
|
@@ -852,7 +876,7 @@
|
|
|
<Option name="stateless">True</Option>
|
|
|
</PolicyRuleOptions>
|
|
|
</PolicyRule>
|
|
|
- <PolicyRule id="id7245X15287" disabled="False" group="" log="True" position="14" action="Deny" direction="Both" comment="last deny">
|
|
|
+ <PolicyRule id="id7245X15287" disabled="False" group="" log="True" position="15" action="Deny" direction="Both" comment="last deny">
|
|
|
<Src neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</Src>
|
|
|
@@ -877,8 +901,8 @@
|
|
|
<Routing id="id2333X15287" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
|
|
|
<RuleSetOptions/>
|
|
|
</Routing>
|
|
|
- <Interface id="id2335X15287" dedicated_failover="False" dyn="False" label="lan" mgmt="True" security_level="100" unnum="False" unprotected="False" name="enp11s0" comment="" ro="False">
|
|
|
- <IPv4 id="id2336X15287" name="archivo:enp11s0:ip" comment="" ro="False" address="10.0.21.2" netmask="255.255.255.0"/>
|
|
|
+ <Interface id="id2335X15287" dedicated_failover="False" dyn="False" label="lan" mgmt="True" security_level="100" unnum="False" unprotected="False" name="enp10s0" comment="" ro="False">
|
|
|
+ <IPv4 id="id2336X15287" name="archivo:enp10s0:ip" comment="" ro="False" address="10.0.21.2" netmask="255.255.255.0"/>
|
|
|
<InterfaceOptions/>
|
|
|
</Interface>
|
|
|
<Interface id="id2337X15287" dedicated_failover="False" dyn="False" label="link" mgmt="False" security_level="100" unnum="False" unprotected="False" name="vlan4" comment="" ro="False">
|
