
kvmhost02: allow prx01 access to rpi4 http

Maximilian Ronniger пре 2 година
родитељ
комит
461173bf69
1 измењених фајлова са 38 додато и 7 уклоњено
  1. 38 7
      itguru.at.fwb

+ 38 - 7
itguru.at.fwb

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
-<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1626421602" id="root">
-  <Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
+<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1678195288" id="root">
+  <Library id="syslib000" color="#0a0f1f" name="Standard" comment="Standard objects" ro="True">
     <AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
     <AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
     <AnyInterval id="sysid2" days_of_week="0,1,2,3,4,5,6" from_day="-1" from_hour="-1" from_minute="-1" from_month="-1" from_weekday="-1" from_year="-1" to_day="-1" to_hour="-1" to_minute="-1" to_month="-1" to_weekday="-1" to_year="-1" name="Any" comment="Any Interval" ro="False"/>
@@ -29,6 +29,17 @@
         <IPv4 id="id3403X88798" name="mDNS" comment="" ro="False" address="224.0.0.251" netmask="0.0.0.0"/>
         <IPv4 id="id3410X88798" name="LLMNR" comment="Link-Local Multicast Name Resolution, RFC4795" ro="False" address="224.0.0.252" netmask="0.0.0.0"/>
         <IPv4 id="id3411X88798" name="Teredo" comment="" ro="False" address="224.0.0.253" netmask="0.0.0.0"/>
+        <IPv6 id="id3412X88798" name="All nodes" comment="RFC4291" ro="False" address="ff02::1" netmask="128"/>
+        <IPv6 id="id3413X88798" name="All routers" comment="RFC4291" ro="False" address="ff02::2" netmask="128"/>
+        <IPv6 id="id3414X88798" name="OSPF (all routers)" comment="RFC2328" ro="False" address="ff02::5" netmask="128"/>
+        <IPv6 id="id3415X88798" name="OSPF (designated routers)" comment="RFC2328" ro="False" address="ff02::6" netmask="128"/>
+        <IPv6 id="id3416X88798" name="RIP" comment="RFC2080" ro="False" address="ff02::9" netmask="128"/>
+        <IPv6 id="id3417X88798" name="EIGRP" comment="RFC7868" ro="False" address="ff02::a" netmask="128"/>
+        <IPv6 id="id3418X88798" name="PIM" comment="RFC2375" ro="False" address="ff02::d" netmask="128"/>
+        <IPv6 id="id3419X88798" name="MLDv2 reports" comment="RFC3810" ro="False" address="ff02::16" netmask="128"/>
+        <IPv6 id="id3420X88798" name="DHCPv6 (link-local)" comment="RFC3315" ro="False" address="ff02::1:2" netmask="128"/>
+        <IPv6 id="id3421X88798" name="LLMNR (link-local)" comment="RFC4795" ro="False" address="ff02::1:3" netmask="128"/>
+        <IPv6 id="id3422X88798" name="DHCP (site-local)" comment="RFC3315" ro="False" address="ff05::1:3" netmask="128"/>
       </ObjectGroup>
       <ObjectGroup id="stdid17" name="DNS Names" comment="" ro="False"/>
       <ObjectGroup id="stdid18" name="Address Tables" comment="" ro="False"/>
@@ -2147,8 +2158,9 @@
     <AddressRange id="id14042X233013" name="email scan" comment="" ro="False" start_address="5.188.206.246" end_address="5.188.206.246"/>
     <IPv4 id="id14009X396398" name="email_adress_scan" comment="" ro="False" address="5.188.206.246" netmask="0.0.0.0"/>
     <TCPService id="id13989X50388" ack_flag="False" ack_flag_mask="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="TCP Service" comment="" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+    <IPv6 id="id14066X306668" name="rpi4-home:eth0:ip6" comment="" ro="False" address="2a01:4f9:2a:a55::10:20" netmask="128"/>
   </Library>
-  <Library id="id1582X5690" color="#d2ffd0" name="User" comment="" ro="False">
+  <Library id="id1582X5690" color="#272f26" name="User" comment="" ro="False">
     <ObjectGroup id="id1583X5690" name="Objects" comment="" ro="False">
       <ObjectGroup id="id1584X5690" subfolders="" name="Addresses" comment="" ro="False">
         <IPv6 id="id3770X6649" name="hetzner ipv6 monitoring 1" comment="" ro="False" address="2a01:4f8:0:a101::5:1" netmask="128"/>
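Review bot: The new `rpi4-home:eth0:ip6` address is added as a free-standing object just before a closing `</Library>`, which appears to be the `Standard` library (declared `ro="True"` in the first hunk), rather than under the `rpi4-home` host in the `User` library. Because it is not a child of the host's `eth0` interface, rules that reference the `rpi4-home` host would presumably resolve only to the IPv4 address, and any IPv6 policy would have to reference this object separately. Consider moving the element inside `<Interface ... name="eth0">` of the new host, next to `rpi4-home:eth0:ip`, so that the host object carries both addresses. The enclosing libraries start and end outside this hunk.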
@@ -2374,6 +2386,24 @@
             <Option name="use_mac_addr_filter">False</Option>
           </HostOptions>
         </Host>
+        <Host id="id14062X306668" name="rpi4-home" comment="This host is used in examples and template objects" ro="False">
+          <Interface id="id14064X306668" dedicated_failover="False" dyn="False" security_level="0" unnum="False" unprotected="False" name="eth0" comment="" ro="False">
+            <IPv4 id="id14065X306668" name="rpi4-home:eth0:ip" comment="" ro="False" address="10.64.7.2" netmask="255.255.255.0"/>
+            <InterfaceOptions/>
+          </Interface>
+          <Management address="192.168.1.10">
+            <SNMPManagement enabled="False" snmp_read_community="" snmp_write_community=""/>
+            <FWBDManagement enabled="False" identity="" port="-1"/>
+            <PolicyInstallScript arguments="" command="" enabled="False"/>
+          </Management>
+          <HostOptions>
+            <Option name="snmp_contact"/>
+            <Option name="snmp_description"/>
+            <Option name="snmp_location"/>
+            <Option name="use_mac_addr">false</Option>
+            <Option name="use_mac_addr_filter">False</Option>
+          </HostOptions>
+        </Host>
       </ObjectGroup>
       <ObjectGroup id="id1589X5690" name="Networks" comment="" ro="False">
         <Network id="id4422X5690" name="kvmhost01:virbr0:net" comment="" ro="False" address="192.168.122.0" netmask="255.255.255.0"/>
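Review bot: The new `rpi4-home` host still carries template leftovers: `comment="This host is used in examples and template objects"` and `<Management address="192.168.1.10">`, which does not match the only interface address, `10.64.7.2`. Since this object becomes a rule destination in this commit, the comment should say what the host is and why it is reachable, for example `comment="rpi4 at home; HTTP reachable from prx01"`. The management address should either match the interface (`<Management address="10.64.7.2">`) or be cleared. Stale metadata on a policy object makes later rule audits harder to trust.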
@@ -2443,7 +2473,7 @@
       <ServiceGroup id="id1599X5690" name="TagServices" comment="" ro="False"/>
     </ServiceGroup>
     <ObjectGroup id="id1600X5690" name="Firewalls" comment="" ro="False">
-      <Firewall id="id8899X28426" host_OS="linux317" inactive="False" lastCompiled="1646664610" lastInstalled="1646664630" lastModified="1648829844" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
+      <Firewall id="id8899X28426" host_OS="linux317" inactive="False" lastCompiled="1678195668" lastInstalled="1678195683" lastModified="1678195662" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
         <NAT id="id13393X65696" name="NAT" comment="" ro="False" ipv4_rule_set="True" ipv6_rule_set="False" top_rule_set="True">
           <NATRule id="id13395X65696" disabled="False" group="outgoing NAT" position="0" action="Translate" comment="NAT all outgoing mail traffic to mail IP">
             <OSrc neg="False">
@@ -3485,6 +3515,7 @@
               <ObjectRef ref="id10512X16353"/>
               <ObjectRef ref="id12323X6099"/>
               <ObjectRef ref="id8526X5690"/>
+              <ObjectRef ref="id14062X306668"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="tcp-HTTP"/>
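Review bot: Adding `<ObjectRef ref="id14062X306668"/>` to this existing `Dst` list gives `rpi4-home` everything the rule already grants: every source in its `Src` and every entry in `Srv`, of which only `tcp-HTTP` is visible here. The rule starts and ends outside the hunk, so this diff cannot confirm that the source is limited to prx01 or that HTTP is the only service, as the commit title states. If the shared rule is broader than that, a dedicated rule with prx01 as the only source and `tcp-HTTP` as the only service would keep the access least-privilege. Either way, a rule comment naming the purpose would help later audits.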
@@ -4097,12 +4128,12 @@
           <Option name="linux24_log_martians"/>
           <Option name="linux24_path_brctl"/>
           <Option name="linux24_path_ifenslave"/>
-          <Option name="linux24_path_ip"/>
+          <Option name="linux24_path_ip">/sbin/ip</Option>
           <Option name="linux24_path_ip6tables">/usr/sbin/ip6tables</Option>
-          <Option name="linux24_path_ip6tables_restore"/>
+          <Option name="linux24_path_ip6tables_restore">/usr/sbin/ip6tables-restore</Option>
           <Option name="linux24_path_ipset"/>
           <Option name="linux24_path_iptables">/usr/sbin/iptables</Option>
-          <Option name="linux24_path_iptables_restore"/>
+          <Option name="linux24_path_iptables_restore">/usr/sbin/iptables-restore</Option>
           <Option name="linux24_path_logger"/>
           <Option name="linux24_path_lsmod"/>
           <Option name="linux24_path_modprobe"/>