|
|
@@ -2451,7 +2451,7 @@
|
|
|
<ServiceGroup id="id1599X5690" name="TagServices" comment="" ro="False"/>
|
|
|
</ServiceGroup>
|
|
|
<ObjectGroup id="id1600X5690" name="Firewalls" comment="" ro="False">
|
|
|
- <Firewall id="id8899X28426" host_OS="linux24" inactive="False" lastCompiled="1586886801" lastInstalled="1586886814" lastModified="1586886795" platform="iptables" version="" name="kvmhost02" comment="# BEGIN INIT INFO Provides: firewall Required-Start: $all Required-Stop: Default-Start: 2 3 4 5 Default-Stop: Short-Description: Run firewall if it exist # END INIT INFO" ro="False">
|
|
|
+ <Firewall id="id8899X28426" host_OS="linux24" inactive="False" lastCompiled="1586938365" lastInstalled="1586939314" lastModified="1586938361" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
|
|
|
<NAT id="id13393X65696" name="NAT" comment="" ro="False" ipv4_rule_set="True" ipv6_rule_set="False" top_rule_set="True">
|
|
|
<NATRule id="id13395X65696" disabled="False" group="outgoing NAT" position="0" action="Translate" comment="NAT all outgoing mail traffic to mail IP">
|
|
|
<OSrc neg="False">
|
|
|
@@ -3933,7 +3933,7 @@
|
|
|
<Option name="action_on_reject"/>
|
|
|
<Option name="activationCmd"/>
|
|
|
<Option name="add_mgmt_ssh_rule_when_stoped">False</Option>
|
|
|
- <Option name="add_rules_for_ipv6_neighbor_discovery">False</Option>
|
|
|
+ <Option name="add_rules_for_ipv6_neighbor_discovery">True</Option>
|
|
|
<Option name="admUser">madhu</Option>
|
|
|
<Option name="altAddress">kvmhost02.itguru.at</Option>
|
|
|
<Option name="bridging_fw">False</Option>
|
|
|
@@ -3949,7 +3949,7 @@
|
|
|
<Option name="data_dir"/>
|
|
|
<Option name="debug">False</Option>
|
|
|
<Option name="drop_invalid">False</Option>
|
|
|
- <Option name="epilog_script"/>
|
|
|
+ <Option name="epilog_script">/root/fix_ipv6</Option>
|
|
|
<Option name="firewall_dir">/etc/firewall/</Option>
|
|
|
<Option name="firewall_is_part_of_any_and_networks">True</Option>
|
|
|
<Option name="flush_and_set_default_policy">True</Option>
|
|
|
@@ -3981,7 +3981,7 @@
|
|
|
<Option name="linux24_path_lsmod"/>
|
|
|
<Option name="linux24_path_modprobe"/>
|
|
|
<Option name="linux24_path_vconfig"/>
|
|
|
- <Option name="linux24_rp_filter"/>
|
|
|
+ <Option name="linux24_rp_filter">1</Option>
|
|
|
<Option name="linux24_tcp_ecn"/>
|
|
|
<Option name="linux24_tcp_fack"/>
|
|
|
<Option name="linux24_tcp_fin_timeout">0</Option>
|
|
|
@@ -3990,6 +3990,7 @@
|
|
|
<Option name="linux24_tcp_syncookies"/>
|
|
|
<Option name="linux24_tcp_timestamps"/>
|
|
|
<Option name="linux24_tcp_window_scaling"/>
|
|
|
+ <Option name="linux317_ip_forward">1</Option>
|
|
|
<Option name="load_modules">True</Option>
|
|
|
<Option name="local_nat">False</Option>
|
|
|
<Option name="log_all">False</Option>
|
|
|
@@ -4006,7 +4007,14 @@
|
|
|
<Option name="modules_dir">/lib/modules/`uname -r`/kernel/net/</Option>
|
|
|
<Option name="output_file"/>
|
|
|
<Option name="prolog_place">top</Option>
|
|
|
- <Option name="prolog_script"/>
|
|
|
+ <Option name="prolog_script"># BEGIN INIT INFO
|
|
|
+Provides: firewall
|
|
|
+Required-Start: $all
|
|
|
+Required-Stop:
|
|
|
+Default-Start: 2 3 4 5
|
|
|
+Default-Stop:
|
|
|
+Short-Description: Run firewall if it exist
|
|
|
+# END INIT INFO</Option>
|
|
|
<Option name="scpArgs">-P 1848</Option>
|
|
|
<Option name="script_name_on_firewall"/>
|
|
|
<Option name="sshArgs">-p 1848</Option>
|
|
|
@@ -4015,6 +4023,7 @@
|
|
|
<Option name="ulog_qthreshold">1</Option>
|
|
|
<Option name="use_ULOG">False</Option>
|
|
|
<Option name="use_iptables_restore">False</Option>
|
|
|
+ <Option name="use_kerneltz">False</Option>
|
|
|
<Option name="use_m_set">False</Option>
|
|
|
<Option name="use_numeric_log_levels">False</Option>
|
|
|
<Option name="verify_interfaces">True</Option>
|
Maximilian Ronniger