|
|
@@ -2455,7 +2455,7 @@
|
|
|
<ServiceGroup id="id1599X5690" name="TagServices" comment="" ro="False"/>
|
|
|
</ServiceGroup>
|
|
|
<ObjectGroup id="id1600X5690" name="Firewalls" comment="" ro="False">
|
|
|
- <Firewall id="id8899X28426" host_OS="linux317" inactive="False" lastCompiled="1600959175" lastInstalled="1599724529" lastModified="1600959698" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
|
|
|
+ <Firewall id="id8899X28426" host_OS="linux317" inactive="False" lastCompiled="1612891909" lastInstalled="1612891959" lastModified="1612891888" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
|
|
|
<NAT id="id13393X65696" name="NAT" comment="" ro="False" ipv4_rule_set="True" ipv6_rule_set="False" top_rule_set="True">
|
|
|
<NATRule id="id13395X65696" disabled="False" group="outgoing NAT" position="0" action="Translate" comment="NAT all outgoing mail traffic to mail IP">
|
|
|
<OSrc neg="False">
|
|
|
@@ -2756,7 +2756,34 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id13748X65696" disabled="False" group="wlanctl" position="11" action="Translate" comment="TODO: add Proxy rules">
|
|
|
+ <NATRule id="id13885X7057" disabled="False" group="web_access" position="11" action="Translate" comment="">
|
|
|
+ <OSrc neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </OSrc>
|
|
|
+ <ODst neg="False">
|
|
|
+ <ObjectRef ref="id8908X28426"/>
|
|
|
+ </ODst>
|
|
|
+ <OSrv neg="False">
|
|
|
+ <ServiceRef ref="id1577X28030"/>
|
|
|
+ </OSrv>
|
|
|
+ <TSrc neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </TSrc>
|
|
|
+ <TDst neg="False">
|
|
|
+ <ObjectRef ref="id11161X65696"/>
|
|
|
+ </TDst>
|
|
|
+ <TSrv neg="False">
|
|
|
+ <ServiceRef ref="sysid1"/>
|
|
|
+ </TSrv>
|
|
|
+ <ItfInb neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </ItfInb>
|
|
|
+ <ItfOutb neg="False">
|
|
|
+ <ObjectRef ref="sysid0"/>
|
|
|
+ </ItfOutb>
|
|
|
+ <NATRuleOptions/>
|
|
|
+ </NATRule>
|
|
|
+ <NATRule id="id13748X65696" disabled="False" group="wlanctl" position="12" action="Translate" comment="TODO: add Proxy rules">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2787,7 +2814,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id13795X65696" disabled="False" group="wlanctl" position="12" action="Translate" comment="">
|
|
|
+ <NATRule id="id13795X65696" disabled="False" group="wlanctl" position="13" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2814,7 +2841,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id13909X40508" disabled="False" group="jitsi-meet" position="13" action="Translate" comment="">
|
|
|
+ <NATRule id="id13909X40508" disabled="False" group="jitsi-meet" position="14" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2842,7 +2869,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id13838X65696" disabled="False" group="external ssh access" position="14" action="Translate" comment="allow sftp access for ">
|
|
|
+ <NATRule id="id13838X65696" disabled="False" group="external ssh access" position="15" action="Translate" comment="allow sftp access for ">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2869,7 +2896,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id13881X65696" disabled="False" group="external ssh access" position="15" action="Translate" comment="allow ssh access for authorized users">
|
|
|
+ <NATRule id="id13881X65696" disabled="False" group="external ssh access" position="16" action="Translate" comment="allow ssh access for authorized users">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2896,7 +2923,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id13924X65696" disabled="False" group="external ssh access" position="16" action="Translate" comment="ssh for gogs git repo">
|
|
|
+ <NATRule id="id13924X65696" disabled="False" group="external ssh access" position="17" action="Translate" comment="ssh for gogs git repo">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2923,7 +2950,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id14010X65696" disabled="False" group="external ssh access" position="17" action="Translate" comment="">
|
|
|
+ <NATRule id="id14010X65696" disabled="False" group="external ssh access" position="18" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2950,7 +2977,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id12226X15942" disabled="False" group="" position="18" action="Translate" comment="">
|
|
|
+ <NATRule id="id12226X15942" disabled="False" group="" position="19" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -2978,7 +3005,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id14053X65696" disabled="False" group="" position="19" action="Translate" comment="">
|
|
|
+ <NATRule id="id14053X65696" disabled="False" group="" position="20" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -3011,7 +3038,7 @@
|
|
|
</ItfOutb>
|
|
|
<NATRuleOptions/>
|
|
|
</NATRule>
|
|
|
- <NATRule id="id14102X65696" disabled="False" group="" position="20" action="Translate" comment="">
|
|
|
+ <NATRule id="id14102X65696" disabled="False" group="" position="21" action="Translate" comment="">
|
|
|
<OSrc neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
|
|
</OSrc>
|
|
|
@@ -3303,6 +3330,7 @@
|
|
|
<Srv neg="False">
|
|
|
<ServiceRef ref="id9722X36891"/>
|
|
|
<ServiceRef ref="id9739X36891"/>
|
|
|
+ <ServiceRef ref="id1577X28030"/>
|
|
|
</Srv>
|
|
|
<Itf neg="False">
|
|
|
<ObjectRef ref="sysid0"/>
|
Maximilian Ronniger