onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2025-10-15 23:18:51 +02:00
Code Issues Releases Wiki Activity

see #2367 added test cases for options tag, classify and route and combinations - test object firewall111

Browse Source
This commit is contained in:
Vadim Kurland 2011-05-10 14:57:12 -07:00
parent ada42c100a
commit 7ef3e583e5
78 changed files with 2326 additions and 222 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
test/ipt/rc.firewall.local
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.1.ma_1
# Firewall Builder fwb_ipt v4.3.0.1
#
# Generated Fri May 6 17:49:51 2011 PDT by vadim
# Generated Tue May 10 14:07:58 2011 PDT by vadim
#
# files: * rc.firewall.local /etc/rc.d//rc.firewall.local
#

6
test/pf/firewall-base-rulesets.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:27 2011 PST by vadim
# Generated Tue May 10 14:53:33 2011 PDT by vadim
#
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
# files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:27 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:33 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall-ipv6-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:28 2011 PST by vadim
# Generated Tue May 10 14:53:33 2011 PDT by vadim
#
# files: * firewall-ipv6-1.fw pf-ipv6.fw
# files: firewall-ipv6-1.conf /etc/fw/pf-ipv6.conf
@ -181,7 +181,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:33 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall-ipv6-2.conf.orig
View File

@ -5,7 +5,7 @@
# Tables: (5)
table <tbl.r4.s> { 222.222.222.22 , 222.222.222.23 }
table <tbl.r4.sx> { 2001:5c0:0:2::24 , 3ffe:1200:2000::/36 , 3ffe:1200:2001:1:8000::1 }
table <tbl.r5.s> { 61.150.47.112 , 74.125.224.48 , 74.125.224.49 , 74.125.224.50 , 74.125.224.51 , 74.125.224.52 , 192.168.1.0 }
table <tbl.r5.s> { 61.150.47.112 , 64.233.183.99 , 64.233.183.103 , 64.233.183.104 , 64.233.183.105 , 64.233.183.106 , 64.233.183.147 , 192.168.1.0 }
table <tbl.r5.sx> { 2001:5c0:0:2::24 , 3ffe:1200:2001:1:8000::1 }
table <tbl.r7.s> { 61.150.47.112 , 192.168.1.0 }

6
test/pf/firewall-ipv6-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:28 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * firewall-ipv6-2.fw pf.fw
# files: firewall-ipv6-2.conf pf.conf
@ -185,7 +185,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall-ipv6-3.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:28 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
# files: firewall-ipv6-3.conf /etc/firewall-ipv6-3.conf

6
test/pf/firewall.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:04 2011 PST by vadim
# Generated Tue May 10 14:53:08 2011 PDT by vadim
#
# files: * firewall.fw /etc/pf.fw
# files: firewall.conf /etc/pf.conf
@ -173,7 +173,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:04 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:08 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:05 2011 PST by vadim
# Generated Tue May 10 14:53:08 2011 PDT by vadim
#
# files: * firewall1.fw /etc/fw/firewall1.fw
# files: firewall1.conf /etc/fw/firewall1.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:05 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:08 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:06 2011 PST by vadim
# Generated Tue May 10 14:53:09 2011 PDT by vadim
#
# files: * firewall10-1.fw /etc/fw/firewall10-1.fw
# files: firewall10-1.conf /etc/fw/firewall10-1.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:06 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:09 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall10-2.fw.orig
View File

@ -2,14 +2,14 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:06 2011 PST by vadim
# Generated Tue May 10 14:53:10 2011 PDT by vadim
#
# files: * firewall10-2.fw /etc/fw/firewall10-2.fw
# files: firewall10-2.conf /etc/fw/firewall10-2.conf
#
# Compiled for pf 4.x
# Compiled for pf 4.0
#
# PF 4.x, testing
# "flags S/SA keep state"
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:06 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:10 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:07 2011 PST by vadim
# Generated Tue May 10 14:53:11 2011 PDT by vadim
#
# files: * firewall10-3.fw /etc/fw/firewall10-3.fw
# files: firewall10-3.conf /etc/fw/firewall10-3.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:07 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:11 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall10-4.fw.orig
View File

@ -2,14 +2,14 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:09 2011 PST by vadim
# Generated Tue May 10 14:53:13 2011 PDT by vadim
#
# files: * firewall10-4.fw /etc/fw/firewall10-4.fw
# files: firewall10-4.conf /etc/fw/firewall10-4.conf
#
# Compiled for pf 4.x
# Compiled for pf 4.0
#
# PF 4.x, testing
# "flags S/SA keep state"
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:09 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:13 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:10 2011 PST by vadim
# Generated Tue May 10 14:53:14 2011 PDT by vadim
#
# files: * firewall10-5.fw /etc/fw/firewall10-5.fw
# files: firewall10-5.conf /etc/fw/firewall10-5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:10 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:14 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall10-6.fw.orig
View File

@ -2,14 +2,14 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:11 2011 PST by vadim
# Generated Tue May 10 14:53:15 2011 PDT by vadim
#
# files: * firewall10-6.fw /etc/fw/firewall10-6.fw
# files: firewall10-6.conf /etc/fw/firewall10-6.conf
#
# Compiled for pf 4.x
# Compiled for pf 4.0
#
# PF 4.x, testing
# "flags S/SA keep state"
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:11 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:15 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall100.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:05 2011 PST by vadim
# Generated Tue May 10 14:53:08 2011 PDT by vadim
#
# files: * firewall100.fw /etc/fw/pf.fw
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
@ -167,7 +167,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:05 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:08 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall101.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:05 2011 PST by vadim
# Generated Tue May 10 14:53:09 2011 PDT by vadim
#
# files: * firewall101.fw /etc/fw/pf.fw
# files: firewall101.conf /etc/fw/path\ with\ space/pf.conf
@ -170,7 +170,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:05 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:09 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall102.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:06 2011 PST by vadim
# Generated Tue May 10 14:53:10 2011 PDT by vadim
#
# files: * firewall102.fw /etc/fw/pf.fw
# files: firewall102.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall103-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:08 2011 PST by vadim
# Generated Tue May 10 14:53:12 2011 PDT by vadim
#
# files: * firewall103-1.fw /etc/fw/pf.fw
# files: firewall103-1.conf /etc/fw/path\ with\ space/pf.conf
@ -394,7 +394,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:08 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:12 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall103-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:08 2011 PST by vadim
# Generated Tue May 10 14:53:12 2011 PDT by vadim
#
# files: * firewall103-2.fw /etc/fw/pf.fw
# files: firewall103-2.conf /etc/fw/path\ with\ space/pf.conf
@ -394,7 +394,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:08 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:12 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall103.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:07 2011 PST by vadim
# Generated Tue May 10 14:53:11 2011 PDT by vadim
#
# files: * firewall103.fw /etc/fw/pf.fw
# files: firewall103.conf /etc/fw/path\ with\ space/pf.conf
@ -397,7 +397,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:07 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:11 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall104-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:09 2011 PST by vadim
# Generated Tue May 10 14:53:14 2011 PDT by vadim
#
# files: * firewall104-1.fw /etc/fw/pf.fw
# files: firewall104-1.conf /etc/fw/path\ with\ space/pf.conf
@ -393,7 +393,7 @@ configure_interfaces() {
$IFCONFIG bridge0 -stp em3
}
log "Activating firewall script generated Sat Mar 12 19:45:09 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:14 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall104.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:09 2011 PST by vadim
# Generated Tue May 10 14:53:13 2011 PDT by vadim
#
# files: * firewall104.fw /etc/fw/pf.fw
# files: firewall104.conf /etc/fw/path\ with\ space/pf.conf
@ -396,7 +396,7 @@ configure_interfaces() {
$IFCONFIG bridge0 stp em3
}
log "Activating firewall script generated Sat Mar 12 19:45:09 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:13 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall105.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:10 2011 PST by vadim
# Generated Tue May 10 14:53:14 2011 PDT by vadim
#
# files: * firewall105.fw /etc/fw/pf.fw
# files: firewall105.conf /etc/fw/path\ with\ space/pf.conf

4
test/pf/firewall106.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:10 2011 PST by vadim
# Generated Tue May 10 14:53:15 2011 PDT by vadim
#
# files: * firewall106.fw /etc/fw/pf.fw
# files: firewall106.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall107.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:11 2011 PST by vadim
# Generated Tue May 10 14:53:15 2011 PDT by vadim
#
# files: * firewall107.fw /etc/fw/pf.fw
# files: firewall107.conf /etc/fw/path\ with\ space/pf.conf
@ -395,7 +395,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan102 192.168.102.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:11 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:15 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall108.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:12 2011 PST by vadim
# Generated Tue May 10 14:53:16 2011 PDT by vadim
#
# files: * firewall108.fw /etc/fw/pf.fw
# files: firewall108.conf /etc/fw/path\ with\ space/pf.conf

4
test/pf/firewall109-1.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:13 2011 PST by vadim
# Generated Tue May 10 14:53:17 2011 PDT by vadim
#
# files: * firewall109-1.fw /etc/fw/pf.fw
# files: firewall109-1.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall109-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:13 2011 PST by vadim
# Generated Tue May 10 14:53:17 2011 PDT by vadim
#
# files: * firewall109-2.fw /etc/fw/pf.fw
# files: firewall109-2.conf /etc/fw/path\ with\ space/pf.conf
@ -400,7 +400,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:13 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:17 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall109-3.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:13 2011 PST by vadim
# Generated Tue May 10 14:53:18 2011 PDT by vadim
#
# files: * firewall109-3.fw /etc/fw/pf.fw
# files: firewall109-3.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall109.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:12 2011 PST by vadim
# Generated Tue May 10 14:53:16 2011 PDT by vadim
#
# files: * firewall109.fw /etc/fw/pf.fw
# files: firewall109.conf /etc/fw/path\ with\ space/pf.conf
@ -401,7 +401,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:12 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:16 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall11.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:14 2011 PST by vadim
# Generated Tue May 10 14:53:18 2011 PDT by vadim
#
# files: * firewall11.fw /etc/firewall11.fw
# files: firewall11.conf /etc/firewall11.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:14 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:18 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall110.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:14 2011 PST by vadim
# Generated Tue May 10 14:53:19 2011 PDT by vadim
#
# files: * firewall110.fw /etc/fw/firewall110.fw
# files: firewall110.conf /etc/fw/firewall110.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:14 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:19 2011 by vadim"
set_kernel_vars
configure_interfaces

0
test/pf/firewall111-Policy_1.conf.orig Normal file
View File

140
test/pf/firewall111.conf.orig Normal file
View File

@ -0,0 +1,140 @@
#
# Scrub rules
#
scrub in all fragment reassemble
# Policy compiler errors and warnings:
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '3 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '6 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '7 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '8 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '9 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '18 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '19 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '20 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '21 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '30 (global)' below it
#
# Rule 0 (global)
pass inet from any to any tag tag2 no state
#
# Rule 1 (global)
pass inet from any to any tag tag2
#
# Rule 2 (global)
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '18 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '19 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '20 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '21 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '3 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '30 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '6 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '7 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '8 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '9 (global)' below it
pass quick inet from any to any tag tag2
#
# Rule 3 (global)
pass quick inet from any to any tag tag2 no state
#
# Rule 4 (global)
pass inet from any to any tag tag2 no state
#
# Rule 5 (global)
anchor "Policy_1" inet from any to any tag tag2 no state
#
# Rule 6 (global)
pass inet from any to any no state queue ssh_q
#
# Rule 7 (global)
pass inet from any to any queue ssh_q
#
# Rule 8 (global)
pass quick inet from any to any queue ssh_q
#
# Rule 9 (global)
pass quick inet from any to any no state queue ssh_q
#
# Rule 10 (global)
pass inet from any to any no state queue ssh_q
#
# Rule 11 (global)
anchor "Policy_1" inet from any to any no state queue ssh_q
#
# Rule 12 (global)
pass in route-to { ( le0 192.168.1.100 ) } inet from any to any no state
pass out route-to { ( le0 192.168.1.100 ) } inet from any to any no state
#
# Rule 13 (global)
pass in route-to { ( le0 192.168.1.100 ) } inet from any to any
pass out route-to { ( le0 192.168.1.100 ) } inet from any to any
#
# Rule 14 (global)
pass in quick route-to { ( le0 192.168.1.100 ) } inet from any to any
pass out quick route-to { ( le0 192.168.1.100 ) } inet from any to any
#
# Rule 15 (global)
pass in quick route-to { ( le0 192.168.1.100 ) } inet from any to any no state
pass out quick route-to { ( le0 192.168.1.100 ) } inet from any to any no state
#
# Rule 16 (global)
pass in route-to { ( le0 192.168.1.100 ) } inet from any to any no state
pass out route-to { ( le0 192.168.1.100 ) } inet from any to any no state
#
# Rule 17 (global)
anchor "Policy_1" in route-to { ( le0 192.168.1.100 ) } inet from any to any no state
anchor "Policy_1" out route-to { ( le0 192.168.1.100 ) } inet from any to any no state
#
# Rule 18 (global)
pass inet from any to any tag tag2 no state queue ssh_q
#
# Rule 19 (global)
pass inet from any to any tag tag2 queue ssh_q
#
# Rule 20 (global)
pass quick inet from any to any tag tag2 queue ssh_q
#
# Rule 21 (global)
pass quick inet from any to any tag tag2 no state queue ssh_q
#
# Rule 22 (global)
pass inet from any to any tag tag2 no state queue ssh_q
#
# Rule 23 (global)
anchor "Policy_1" inet from any to any tag tag2 no state queue ssh_q
#
# Rule 24 (global)
pass in route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
pass out route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
#
# Rule 25 (global)
pass in route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 queue ssh_q
pass out route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 queue ssh_q
#
# Rule 26 (global)
pass in quick route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 queue ssh_q
pass out quick route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 queue ssh_q
#
# Rule 27 (global)
pass in quick route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
pass out quick route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
#
# Rule 28 (global)
pass in route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
pass out route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
#
# Rule 29 (global)
anchor "Policy_1" in route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
anchor "Policy_1" out route-to { ( le0 192.168.1.100 ) } inet from any to any tag tag2 no state queue ssh_q
#
# Rule 30 (global)
block quick inet from any to any no state
#
# Rule fallback rule
# fallback rule
block quick inet from any to any no state
load anchor Policy_1 from "/etc/fw/firewall111-Policy_1.conf"

103
test/pf/firewall111.fw.orig Executable file
View File

@ -0,0 +1,103 @@
#!/bin/sh
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Tue May 10 14:53:19 2011 PDT by vadim
#
# files: * firewall111.fw /etc/fw/firewall111.fw
# files: firewall111.conf /etc/fw/firewall111.conf
# files: firewall111-Policy_1.conf /etc/fw/firewall111-Policy_1.conf
#
# Compiled for pf 4.0
#
# testing rules with options tag, classify and route and combinations
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '3 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '6 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '7 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '8 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '9 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '18 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '19 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '20 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '21 (global)' below it
# firewall111:Policy:2: error: Rule '2 (global)' shadows rule '30 (global)' below it
FWDIR=`dirname $0`
IFCONFIG="/sbin/ifconfig"
PFCTL="/sbin/pfctl"
IPFW="/sbin/ipfw"
IPF="/sbin/ipf"
IPNAT="/sbin/ipnat"
SYSCTL="/sbin/sysctl"
LOGGER="/usr/bin/logger"
log() {
echo "$1"
command -v "$LOGGER" >/dev/null 2>&1 && $LOGGER -p info "$1"
}
diff_intf() {
func=$1
list1=$2
list2=$3
cmd=$4
for intf in $list1
do
echo $list2 | grep -q $intf || {
# $vlan is absent in list 2
$func $intf $cmd
}
done
}
verify_interfaces() {
:
}
set_kernel_vars() {
:
}
prolog_commands() {
:
}
epilog_commands() {
:
}
run_epilog_and_exit() {
epilog_commands
exit $1
}
configure_interfaces() {
:
}
log "Activating firewall script generated Tue May 10 14:53:19 2011 by vadim"
set_kernel_vars
configure_interfaces
prolog_commands
$PFCTL -f /etc/fw/firewall111.conf || exit 1
epilog_commands

8
test/pf/firewall12.fw.orig
View File

@ -2,14 +2,14 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:14 2011 PST by vadim
# Generated Tue May 10 14:53:19 2011 PDT by vadim
#
# files: * firewall12.fw /etc/fw/firewall12.fw
# files: firewall12.conf /etc/fw/firewall12.conf
#
# Compiled for pf 4.x
# Compiled for pf 4.0
#
# This firewall does not do NAT for addresses, but translates port for a server
@ -165,7 +165,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:14 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:19 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall13.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:15 2011 PST by vadim
# Generated Tue May 10 14:53:20 2011 PDT by vadim
#
# files: * firewall13.fw /etc/fw/firewall13.fw
# files: firewall13.conf /etc/fw/firewall13.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:15 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:20 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall14-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:16 2011 PST by vadim
# Generated Tue May 10 14:53:20 2011 PDT by vadim
#
# files: * firewall14-1.fw /etc/firewall14-1.fw
# files: firewall14-1.conf /etc/firewall14-1.conf
@ -248,7 +248,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:16 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:20 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall14.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:15 2011 PST by vadim
# Generated Tue May 10 14:53:20 2011 PDT by vadim
#
# files: * firewall14.fw /etc/firewall14.fw
# files: firewall14.conf /etc/firewall14.conf
@ -248,7 +248,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:15 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:20 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall2-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:17 2011 PST by vadim
# Generated Tue May 10 14:53:22 2011 PDT by vadim
#
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw
# files: firewall2-1.conf /etc/fw/firewall2-1.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:17 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:22 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall2-6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:18 2011 PST by vadim
# Generated Tue May 10 14:53:23 2011 PDT by vadim
#
# files: * firewall2-6.fw /etc/firewall2-6.fw
# files: firewall2-6.conf /etc/firewall2-6.conf
@ -170,7 +170,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:18 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:23 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:16 2011 PST by vadim
# Generated Tue May 10 14:53:21 2011 PDT by vadim
#
# files: * firewall2.fw /etc/fw/firewall2.fw
# files: firewall2.conf /etc/fw/firewall2.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:16 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:21 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall20.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:17 2011 PST by vadim
# Generated Tue May 10 14:53:21 2011 PDT by vadim
#
# files: * firewall20.fw /etc/fw/firewall20.fw
# files: firewall20.conf /etc/fw/firewall20.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:17 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:21 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall21.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:17 2011 PST by vadim
# Generated Tue May 10 14:53:22 2011 PDT by vadim
#
# files: * firewall21.fw /etc/fw/firewall21.fw
# files: firewall21.conf /etc/fw/firewall21.conf
@ -81,7 +81,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:17 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:22 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall22.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:18 2011 PST by vadim
# Generated Tue May 10 14:53:23 2011 PDT by vadim
#
# files: * firewall22.fw /etc/fw/firewall22.fw
# files: firewall22.conf /etc/fw/firewall22.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:18 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:23 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:18 2011 PST by vadim
# Generated Tue May 10 14:53:24 2011 PDT by vadim
#
# files: * firewall3.fw /etc/firewall3.fw
# files: firewall3.conf /etc/firewall3.conf
@ -165,7 +165,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:18 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:24 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall33.conf.orig
View File

@ -6,7 +6,7 @@
table <tbl.r0> { 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
table <tbl.r10.d> { www.google.com , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
table <tbl.r2> { www.google.com , www.cnn.com }
table <tbl.r8.d> { 74.125.224.48 , 74.125.224.49 , 74.125.224.50 , 74.125.224.51 , 74.125.224.52 , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
table <tbl.r8.d> { 64.233.183.99 , 64.233.183.103 , 64.233.183.104 , 64.233.183.105 , 64.233.183.106 , 64.233.183.147 , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
#
# Rule 0 (NAT)

6
test/pf/firewall33.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:19 2011 PST by vadim
# Generated Tue May 10 14:53:24 2011 PDT by vadim
#
# files: * firewall33.fw /etc/fw/firewall33.fw
# files: firewall33.conf /etc/fw/firewall33.conf
@ -168,7 +168,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:19 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:24 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall34.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:19 2011 PST by vadim
# Generated Tue May 10 14:53:24 2011 PDT by vadim
#
# files: * firewall34.fw /etc/fw/firewall34.fw
# files: firewall34.conf /etc/fw/firewall34.conf
@ -164,7 +164,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:19 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:24 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall38.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:20 2011 PST by vadim
# Generated Tue May 10 14:53:25 2011 PDT by vadim
#
# files: * firewall38.fw /etc/fw/firewall38.fw
# files: firewall38.conf /etc/fw/firewall38.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:20 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:25 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall39.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:20 2011 PST by vadim
# Generated Tue May 10 14:53:25 2011 PDT by vadim
#
# files: * firewall39.fw pf.fw
# files: firewall39.conf pf.conf
@ -79,7 +79,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:20 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:25 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:21 2011 PST by vadim
# Generated Tue May 10 14:53:25 2011 PDT by vadim
#
# files: * firewall4.fw pf.fw
# files: firewall4.conf /etc/fw/pf.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:21 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:25 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall40-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:21 2011 PST by vadim
# Generated Tue May 10 14:53:26 2011 PDT by vadim
#
# files: * firewall40-1.fw /etc/firewall40-1.fw
# files: firewall40-1.conf /etc/firewall40-1.conf
@ -182,7 +182,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:21 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:26 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall40.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:21 2011 PST by vadim
# Generated Tue May 10 14:53:26 2011 PDT by vadim
#
# files: * firewall40.fw /etc/firewall40.fw
# files: firewall40.conf /etc/firewall40.conf
@ -166,7 +166,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:21 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:26 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall41.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:22 2011 PST by vadim
# Generated Tue May 10 14:53:27 2011 PDT by vadim
#
# files: * firewall41.fw /etc/firewall41.fw
# files: firewall41.conf /etc/firewall41.conf
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:22 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:27 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:22 2011 PST by vadim
# Generated Tue May 10 14:53:27 2011 PDT by vadim
#
# files: * firewall5.fw /etc/fw/firewall5.fw
# files: firewall5.conf /etc/fw/firewall5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:22 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:27 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall51.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:22 2011 PST by vadim
# Generated Tue May 10 14:53:28 2011 PDT by vadim
#
# files: * firewall51.fw /etc/fw/firewall51.fw
# files: firewall51.conf /etc/fw/firewall51.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:22 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:28 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:23 2011 PST by vadim
# Generated Tue May 10 14:53:28 2011 PDT by vadim
#
# files: * firewall6.fw /etc/fw/firewall6.fw
# files: firewall6.conf /etc/fw/firewall6.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:23 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:28 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall62.fw.orig
View File

@ -2,14 +2,14 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:23 2011 PST by vadim
# Generated Tue May 10 14:53:29 2011 PDT by vadim
#
# files: * firewall62.fw /etc/firewall62.fw
# files: firewall62.conf /etc/firewall62.conf
#
# Compiled for pf 4.x
# Compiled for pf 4.0
#
# testing rules using UserService object
# Note that iptables does not allow entering
@ -191,7 +191,7 @@ configure_interfaces() {
update_addresses_of_interface "en1 222.222.222.222/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:23 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:29 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall63.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:24 2011 PST by vadim
# Generated Tue May 10 14:53:29 2011 PDT by vadim
#
# files: * firewall63.fw /etc/fw/firewall63.fw
# files: firewall63.conf /etc/fw/firewall63.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:24 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:29 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall7.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:24 2011 PST by vadim
# Generated Tue May 10 14:53:29 2011 PDT by vadim
#
# files: * firewall7.fw /etc/fw/firewall7.fw
# files: firewall7.conf /etc/fw/firewall7.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:24 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:29 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall70.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:24 2011 PST by vadim
# Generated Tue May 10 14:53:30 2011 PDT by vadim
#
# files: * firewall70.fw /etc/fw/firewall70.fw
# files: firewall70.conf /etc/fw/firewall70.conf
@ -82,7 +82,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:24 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:30 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall8.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:25 2011 PST by vadim
# Generated Tue May 10 14:53:30 2011 PDT by vadim
#
# files: * firewall8.fw /etc/firewall8.fw
# files: firewall8.conf /etc/firewall8.conf
@ -72,7 +72,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:25 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:30 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall80-4.5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:25 2011 PST by vadim
# Generated Tue May 10 14:53:31 2011 PDT by vadim
#
# files: * firewall80-4.5.fw /etc/firewall80-4.5.fw
# files: firewall80-4.5.conf /etc/firewall80-4.5.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:25 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:31 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall80.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:25 2011 PST by vadim
# Generated Tue May 10 14:53:30 2011 PDT by vadim
#
# files: * firewall80.fw /etc/firewall80.fw
# files: firewall80.conf /etc/firewall80.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:25 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:30 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall9.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:26 2011 PST by vadim
# Generated Tue May 10 14:53:31 2011 PDT by vadim
#
# files: * firewall9.fw /etc/fw/firewall9.fw
# files: firewall9.conf /etc/fw/firewall9.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sat Mar 12 19:45:26 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:31 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall91.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:26 2011 PST by vadim
# Generated Tue May 10 14:53:32 2011 PDT by vadim
#
# files: * firewall91.fw /etc/fw/pf.fw
# files: firewall91.conf /etc/fw/pf.conf
@ -247,7 +247,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:26 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:32 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall92.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:27 2011 PST by vadim
# Generated Tue May 10 14:53:32 2011 PDT by vadim
#
# files: * firewall92.fw /etc/fw/pf.fw
# files: firewall92.conf /etc/fw/path\ with\ space/pf.conf
@ -166,7 +166,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:27 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:32 2011 by vadim"
set_kernel_vars
configure_interfaces

1877
test/pf/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1297891427" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1305062906" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -11096,7 +11096,7 @@
<Option name="use_tables">True</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id4699570022254" host_OS="openbsd" inactive="False" lastCompiled="1249943166" lastInstalled="0" lastModified="1249943161" platform="pf" version="4.x" name="firewall10-2" comment="PF 4.x, testing &#10;&quot;flags S/SA keep state&quot;" ro="False">
<Firewall id="id4699570022254" host_OS="openbsd" inactive="False" lastCompiled="1249943166" lastInstalled="0" lastModified="1305064193" platform="pf" version="4.0" name="firewall10-2" comment="PF 4.x, testing &#10;&quot;flags S/SA keep state&quot;" ro="False">
<NAT id="id4699573822254" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<NATRule id="id4699573922254" disabled="True" group="" position="0" action="Translate" comment="">
<OSrc neg="False">
@ -11732,7 +11732,7 @@
<Option name="use_tables">True</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id4699494C22616" host_OS="openbsd" inactive="False" lastCompiled="1202682010" lastInstalled="0" lastModified="1202681983" platform="pf" version="4.x" name="firewall10-4" comment="PF 4.x, testing &#10;&quot;flags S/SA keep state&quot;&#10;&quot;Accept tcp sessions opened&#10;prior to restart&quot; is ON&#10;" ro="False">
<Firewall id="id4699494C22616" host_OS="openbsd" inactive="False" lastCompiled="1202682010" lastInstalled="0" lastModified="1305064201" platform="pf" version="4.0" name="firewall10-4" comment="PF 4.x, testing &#10;&quot;flags S/SA keep state&quot;&#10;&quot;Accept tcp sessions opened&#10;prior to restart&quot; is ON&#10;" ro="False">
<NAT id="id4699498422616" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<NATRule id="id4699498522616" disabled="True" group="" position="0" action="Translate" comment="">
<OSrc neg="False">
@ -12400,7 +12400,7 @@
<Option name="use_tables">True</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id46F6064010002" host_OS="openbsd" inactive="False" lastCompiled="1202682012" lastInstalled="0" lastModified="1202681995" platform="pf" version="4.x" name="firewall10-6" comment="PF 4.x, testing &#10;&quot;flags S/SA keep state&quot;&#10;&quot;Accept tcp sessions opened&#10;prior to restart&quot; is ON&#10;Using &quot;pass all outgoing&quot;&#10;" ro="False">
<Firewall id="id46F6064010002" host_OS="openbsd" inactive="False" lastCompiled="1202682012" lastInstalled="0" lastModified="1305064206" platform="pf" version="4.0" name="firewall10-6" comment="PF 4.x, testing &#10;&quot;flags S/SA keep state&quot;&#10;&quot;Accept tcp sessions opened&#10;prior to restart&quot; is ON&#10;Using &quot;pass all outgoing&quot;&#10;" ro="False">
<NAT id="id46F6067810002" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<NATRule id="id46F6067910002" disabled="True" group="" position="0" action="Translate" comment="">
<OSrc neg="False">
@ -15478,7 +15478,7 @@
<Option name="verify_interfaces">False</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id4848F19020246" host_OS="openbsd" inactive="False" lastCompiled="1255054109" lastInstalled="0" lastModified="1255054100" platform="pf" version="4.x" name="firewall62" comment="testing rules using UserService object&#10;Note that iptables does not allow entering&#10;iptables command that tries to match using module 'owner' in any chain&#10;other than OUTPUT. This includes user defined chains too (it checks&#10;how control passes to user defined chain and blocks command if&#10;it appears that user defined chain gets control not from OUTPUT)&#10;&#10;" ro="False">
<Firewall id="id4848F19020246" host_OS="openbsd" inactive="False" lastCompiled="1255054109" lastInstalled="0" lastModified="1305064357" platform="pf" version="4.0" name="firewall62" comment="testing rules using UserService object&#10;Note that iptables does not allow entering&#10;iptables command that tries to match using module 'owner' in any chain&#10;other than OUTPUT. This includes user defined chains too (it checks&#10;how control passes to user defined chain and blocks command if&#10;it appears that user defined chain gets control not from OUTPUT)&#10;&#10;" ro="False">
<NAT id="id4848F1D320246" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
@ -17111,7 +17111,7 @@
<Option name="use_tables">True</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id78969X23273" host_OS="openbsd" inactive="False" lastCompiled="1244584306" lastInstalled="1142003872" lastModified="1244586784" platform="pf" version="4.x" name="firewall12" comment="This firewall does not do NAT for addresses, but translates port for a server&#10;" ro="False">
<Firewall id="id78969X23273" host_OS="openbsd" inactive="False" lastCompiled="1244584306" lastInstalled="1142003872" lastModified="1305064312" platform="pf" version="4.0" name="firewall12" comment="This firewall does not do NAT for addresses, but translates port for a server&#10;" ro="False">
<NAT id="id79033X23273" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<NATRule id="id79034X23273" disabled="True" group="" position="0" action="Translate" comment="">
<OSrc neg="False">
@ -17670,7 +17670,7 @@
<Option name="verify_interfaces">False</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id79438X23273" host_OS="ios" inactive="False" lastCompiled="1221357477" lastInstalled="1223233524" lastModified="1243804646" platform="iosacl" version="12.x" name="c3620" comment="ff" ro="False">
<Firewall id="id79438X23273" host_OS="ios" inactive="False" lastCompiled="1221357477" lastInstalled="1223233524" lastModified="1243804646" platform="iosacl" version="12.1" name="c3620" comment="ff" ro="False">
<NAT id="id79872X23273" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
@ -23848,7 +23848,7 @@
<Option name="sshArgs"></Option>
</FirewallOptions>
</Firewall>
<Firewall id="id164588X20402" host_OS="freebsd" inactive="False" lastCompiled="1297645524" lastInstalled="0" lastModified="1297648836" platform="pf" version="" name="firewall110" comment="testing shadowing of rules with tag action " ro="False">
<Firewall id="id164588X20402" host_OS="freebsd" inactive="False" lastCompiled="1297645524" lastInstalled="0" lastModified="1305062829" platform="pf" version="" name="firewall110" comment="testing shadowing of rules with tag action" ro="False">
<NAT id="id164956X20402" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
@ -25637,6 +25637,1867 @@
<Option name="verify_interfaces">False</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id39552X32371" host_OS="freebsd" inactive="False" lastCompiled="1297645524" lastInstalled="0" lastModified="1305063598" platform="pf" version="4.0" name="firewall111" comment="testing rules with options tag, classify and route and combinations&#10;" ro="False">
<NAT id="id39665X32371" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
<Policy id="id39578X32371" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id39580X32371" disabled="False" group="tag" log="False" position="0" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">False</Option>
<Option name="classify_str"></Option>
<Option name="color">#C0BA44</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id697332X32371" disabled="False" group="tag" log="False" position="1" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">False</Option>
<Option name="classify_str"></Option>
<Option name="color">#C0BA44</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">False</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id64755X32371" disabled="False" group="tag" log="False" position="2" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">False</Option>
<Option name="classify_str"></Option>
<Option name="color">#C0BA44</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">False</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id799448X32371" disabled="False" group="tag" log="False" position="3" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">False</Option>
<Option name="classify_str"></Option>
<Option name="color">#C0BA44</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id114721X32371" disabled="False" group="tag" log="False" position="4" action="Accounting" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">False</Option>
<Option name="classify_str"></Option>
<Option name="color">#C0BA44</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id164799X32371" disabled="False" group="tag" log="False" position="5" action="Branch" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="branch_id">id164851X32371</Option>
<Option name="classification">False</Option>
<Option name="classify_str"></Option>
<Option name="color">#C0BA44</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id39608X32371" disabled="False" group="classify" log="False" position="6" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">True</Option>
<Option name="classify_str">ssh_q</Option>
<Option name="color">#8BC065</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id825093X32371" disabled="False" group="classify" log="False" position="7" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">True</Option>
<Option name="classify_str">ssh_q</Option>
<Option name="color">#8BC065</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">False</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id190018X32371" disabled="False" group="classify" log="False" position="8" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">True</Option>
<Option name="classify_str">ssh_q</Option>
<Option name="color">#8BC065</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">False</Option>
<Option name="tagging">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id825173X32371" disabled="False" group="classify" log="False" position="9" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">True</Option>
<Option name="classify_str">ssh_q</Option>
<Option name="color">#8BC065</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id190074X32371" disabled="False" group="classify" log="False" position="10" action="Accounting" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">True</Option>
<Option name="classify_str">ssh_q</Option>
<Option name="color">#8BC065</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id190130X32371" disabled="False" group="classify" log="False" position="11" action="Branch" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="branch_id">id164851X32371</Option>
<Option name="classification">True</Option>
<Option name="classify_str">ssh_q</Option>
<Option name="color">#8BC065</Option>
<Option name="custom_str"></Option>
<Option name="ipf_route_opt_addr"></Option>
<Option name="ipf_route_opt_if"></Option>
<Option name="ipf_route_option">route_reply_through</Option>
<Option name="ipfw_classify_method">2</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="ipfw_pipe_queue_num">0</Option>
<Option name="ipt_continue">False</Option>
<Option name="ipt_gw"></Option>
<Option name="ipt_iif"></Option>
<Option name="ipt_mark_connections">False</Option>
<Option name="ipt_oif"></Option>
<Option name="ipt_tee">False</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id493056X32371" disabled="False" group="route" log="False" position="12" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">False</Option>
<Option name="color">#7694C0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id825253X32371" disabled="False" group="route" log="False" position="13" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">False</Option>
<Option name="color">#7694C0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">False</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id518537X32371" disabled="False" group="route" log="False" position="14" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">False</Option>
<Option name="color">#7694C0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">False</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id825333X32371" disabled="False" group="route" log="False" position="15" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">False</Option>
<Option name="color">#7694C0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id518593X32371" disabled="False" group="route" log="False" position="16" action="Accounting" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">False</Option>
<Option name="color">#7694C0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id518649X32371" disabled="False" group="route" log="False" position="17" action="Branch" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="branch_id">id164851X32371</Option>
<Option name="classification">False</Option>
<Option name="color">#7694C0</Option>
<Option name="custom_str"></Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id928733X32371" disabled="False" group="tag + classify" log="False" position="18" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1164258X32371" disabled="False" group="tag + classify" log="False" position="19" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="stateless">False</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id954690X32371" disabled="False" group="tag + classify" log="False" position="20" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="stateless">False</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1164338X32371" disabled="False" group="tag + classify" log="False" position="21" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id980671X32371" disabled="False" group="tag + classify" log="False" position="22" action="Accounting" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id980751X32371" disabled="False" group="tag + classify" log="False" position="23" action="Branch" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="branch_id">id164851X32371</Option>
<Option name="classification">True</Option>
<Option name="custom_str"></Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1111088X32371" disabled="False" group="tag + classify + route" log="False" position="24" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="color">#A37EC0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1164098X32371" disabled="False" group="tag + classify + route" log="False" position="25" action="Continue" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="color">#A37EC0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">False</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1137537X32371" disabled="False" group="tag + classify + route" log="False" position="26" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="color">#A37EC0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">False</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1164178X32371" disabled="False" group="tag + classify + route" log="False" position="27" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="color">#A37EC0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1137593X32371" disabled="False" group="tag + classify + route" log="False" position="28" action="Accounting" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="classification">True</Option>
<Option name="color">#A37EC0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1137649X32371" disabled="False" group="tag + classify + route" log="False" position="29" action="Branch" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="branch_id">id164851X32371</Option>
<Option name="classification">True</Option>
<Option name="color">#A37EC0</Option>
<Option name="custom_str"></Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str">ssh_q</Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr">192.168.1.100</Option>
<Option name="pf_route_opt_if">le0</Option>
<Option name="pf_route_option">route_through</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">True</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">True</Option>
<Option name="tagobject_id">id1391120443</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id39636X32371" disabled="False" group="" log="False" position="30" action="Deny" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="action_on_reject"></Option>
<Option name="classification">False</Option>
<Option name="classify_str"></Option>
<Option name="custom_str"></Option>
<Option name="ipfw_pipe_method">0</Option>
<Option name="ipfw_pipe_port_num">0</Option>
<Option name="log_prefix"></Option>
<Option name="pf_classify_str"></Option>
<Option name="pf_fastroute">False</Option>
<Option name="pf_keep_state">False</Option>
<Option name="pf_max_src_conn">0</Option>
<Option name="pf_max_src_conn_flush">False</Option>
<Option name="pf_max_src_conn_global">False</Option>
<Option name="pf_max_src_conn_overload_table"></Option>
<Option name="pf_max_src_conn_rate_num">0</Option>
<Option name="pf_max_src_conn_rate_seconds">0</Option>
<Option name="pf_max_src_nodes">0</Option>
<Option name="pf_max_src_states">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_no_sync">False</Option>
<Option name="pf_pflow">False</Option>
<Option name="pf_route_load_option">none</Option>
<Option name="pf_route_opt_addr"></Option>
<Option name="pf_route_opt_if"></Option>
<Option name="pf_route_option">none</Option>
<Option name="pf_rule_max_state">0</Option>
<Option name="pf_sloppy_tracker">False</Option>
<Option name="pf_source_tracking">False</Option>
<Option name="pf_synproxy">False</Option>
<Option name="routing">False</Option>
<Option name="rule_name_accounting"></Option>
<Option name="stateless">True</Option>
<Option name="tagging">False</Option>
<Option name="tagobject_id"></Option>
</PolicyRuleOptions>
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Policy id="id164851X32371" name="Policy_1" comment="" ro="False" ipv4_rule_set="True" ipv6_rule_set="False" top_rule_set="False">
<RuleSetOptions/>
</Policy>
<Routing id="id39668X32371" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</Routing>
<Interface id="id39560X32371" dedicated_failover="False" dyn="False" label="int_if" mgmt="False" security_level="100" unnum="False" unprotected="False" name="le0" comment="" ro="False">
<IPv4 id="id39563X32371" name="firewall111:le0:ip" comment="" ro="False" address="192.168.1.1" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id39565X32371" dedicated_failover="False" dyn="False" label="ext_if" mgmt="False" security_level="0" unnum="True" unprotected="False" name="enc0" comment="" ro="False">
<InterfaceOptions/>
</Interface>
<Interface id="id39568X32371" dedicated_failover="False" dyn="False" security_level="100" unnum="False" unprotected="False" name="lo" comment="" ro="False">
<IPv4 id="id39571X32371" name="firewall111:lo:ip" comment="" ro="False" address="127.0.0.1" netmask="255.0.0.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id39573X32371" dedicated_failover="False" dyn="False" label="wifi_int" mgmt="False" security_level="0" unnum="False" unprotected="False" name="enc1" comment="" ro="False">
<IPv4 id="id39576X32371" name="firewall111:enc1:ip" comment="" ro="False" address="192.168.2.1" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Management address="127.0.0.1">
<SNMPManagement enabled="False" snmp_read_community="public" snmp_write_community=""/>
<FWBDManagement enabled="True" identity="" port="9999"/>
<PolicyInstallScript arguments="" command="" enabled="False"/>
</Management>
<FirewallOptions>
<Option name="accept_established">True</Option>
<Option name="accept_new_tcp_with_no_syn">True</Option>
<Option name="action_on_reject">ICMP net unreachable</Option>
<Option name="activationCmd"></Option>
<Option name="admUser"></Option>
<Option name="altAddress"></Option>
<Option name="check_shading">True</Option>
<Option name="clamp_mss_to_mtu">False</Option>
<Option name="cmdline"></Option>
<Option name="compiler"></Option>
<Option name="conf1_file"></Option>
<Option name="conf_file_name_on_firewall"></Option>
<Option name="configure_bridge_interfaces">False</Option>
<Option name="configure_carp_interfaces">False</Option>
<Option name="configure_interfaces">False</Option>
<Option name="configure_pfsync_interfaces">False</Option>
<Option name="configure_vlan_interfaces">False</Option>
<Option name="debug">False</Option>
<Option name="dyn_addr">False</Option>
<Option name="epilog_script"></Option>
<Option name="fallback_log">False</Option>
<Option name="firewall_dir"></Option>
<Option name="firewall_is_part_of_any">True</Option>
<Option name="firewall_is_part_of_any_and_networks">True</Option>
<Option name="freebsd_path_ipf"></Option>
<Option name="freebsd_path_ipnat"></Option>
<Option name="freebsd_path_sysctl"></Option>
<Option name="generate_rc_conf_file">False</Option>
<Option name="generate_shell_script">True</Option>
<Option name="ignore_empty_groups">False</Option>
<Option name="in_out_code">True</Option>
<Option name="inst_cmdline"></Option>
<Option name="inst_script"></Option>
<Option name="install_script"></Option>
<Option name="ipv4_6_order">ipv4_first</Option>
<Option name="limit_suffix">/day</Option>
<Option name="limit_value">0</Option>
<Option name="linux24_ip_forward">0</Option>
<Option name="linux24_tcp_fin_timeout">30</Option>
<Option name="linux24_tcp_keepalive_interval">1800</Option>
<Option name="load_modules">False</Option>
<Option name="log_all_dropped">False</Option>
<Option name="log_ip_opt">False</Option>
<Option name="log_level">debug</Option>
<Option name="log_limit_suffix">/second</Option>
<Option name="log_limit_value">0</Option>
<Option name="log_prefix"></Option>
<Option name="log_tcp_opt">False</Option>
<Option name="log_tcp_seq">False</Option>
<Option name="manage_virtual_addr">True</Option>
<Option name="mgmt_addr"></Option>
<Option name="mgmt_ssh">False</Option>
<Option name="modulate_state">False</Option>
<Option name="no_iochains_for_any">False</Option>
<Option name="no_optimisation">False</Option>
<Option name="openbsd_path_pfctl"></Option>
<Option name="openbsd_path_sysctl"></Option>
<Option name="output_file"></Option>
<Option name="pass_all_out">False</Option>
<Option name="pf_adaptive_end">0</Option>
<Option name="pf_adaptive_start">0</Option>
<Option name="pf_do_limit_frags">False</Option>
<Option name="pf_do_limit_src_nodes">False</Option>
<Option name="pf_do_limit_states">False</Option>
<Option name="pf_do_limit_table_entries">False</Option>
<Option name="pf_do_limit_tables">False</Option>
<Option name="pf_do_scrub">True</Option>
<Option name="pf_do_timeout_frag">False</Option>
<Option name="pf_do_timeout_interval">False</Option>
<Option name="pf_flush_states">False</Option>
<Option name="pf_icmp_error">0</Option>
<Option name="pf_icmp_first">0</Option>
<Option name="pf_limit_frags">5000</Option>
<Option name="pf_limit_src_nodes">0</Option>
<Option name="pf_limit_states">10000</Option>
<Option name="pf_limit_table_entries">0</Option>
<Option name="pf_limit_tables">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_optimization"></Option>
<Option name="pf_other_first">0</Option>
<Option name="pf_other_multiple">0</Option>
<Option name="pf_other_single">0</Option>
<Option name="pf_scrub_fragm_crop">False</Option>
<Option name="pf_scrub_fragm_drop_ovl">False</Option>
<Option name="pf_scrub_maxmss">1460</Option>
<Option name="pf_scrub_minttl">1</Option>
<Option name="pf_scrub_no_df">False</Option>
<Option name="pf_scrub_random_id">False</Option>
<Option name="pf_scrub_reassemble">True</Option>
<Option name="pf_scrub_reassemble_tcp">False</Option>
<Option name="pf_scrub_use_maxmss">False</Option>
<Option name="pf_scrub_use_minttl">False</Option>
<Option name="pf_set_adaptive">False</Option>
<Option name="pf_set_icmp_error">False</Option>
<Option name="pf_set_icmp_first">False</Option>
<Option name="pf_set_other_first">False</Option>
<Option name="pf_set_other_multiple">False</Option>
<Option name="pf_set_other_single">False</Option>
<Option name="pf_set_tcp_closed">False</Option>
<Option name="pf_set_tcp_closing">False</Option>
<Option name="pf_set_tcp_established">False</Option>
<Option name="pf_set_tcp_finwait">False</Option>
<Option name="pf_set_tcp_first">False</Option>
<Option name="pf_set_tcp_opening">False</Option>
<Option name="pf_set_udp_first">False</Option>
<Option name="pf_set_udp_multiple">False</Option>
<Option name="pf_set_udp_single">False</Option>
<Option name="pf_state_policy"></Option>
<Option name="pf_tcp_closed">0</Option>
<Option name="pf_tcp_closing">0</Option>
<Option name="pf_tcp_established">0</Option>
<Option name="pf_tcp_finwait">0</Option>
<Option name="pf_tcp_first">0</Option>
<Option name="pf_tcp_opening">0</Option>
<Option name="pf_timeout_frag">30</Option>
<Option name="pf_timeout_interval">10</Option>
<Option name="pf_udp_first">0</Option>
<Option name="pf_udp_multiple">0</Option>
<Option name="pf_udp_single">0</Option>
<Option name="platform">iptables</Option>
<Option name="prolog_place">fw_file</Option>
<Option name="prolog_script"></Option>
<Option name="proxy_arp">False</Option>
<Option name="scpArgs"></Option>
<Option name="script_env_path"></Option>
<Option name="script_name_on_firewall"></Option>
<Option name="snmp_contact"></Option>
<Option name="snmp_description"></Option>
<Option name="snmp_location"></Option>
<Option name="sshArgs"></Option>
<Option name="use_ip_tool">False</Option>
<Option name="use_numeric_log_levels">False</Option>
<Option name="use_tables">True</Option>
</FirewallOptions>
</Firewall>
</ObjectGroup>
<IntervalGroup id="stdid11_1" name="Time" comment="" ro="False"/>
</Library>

6
test/pf/pf_cluster_1_openbsd-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:28 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_1_openbsd-1.fw /etc/pf_cluster_1_openbsd-1.fw
# files: pf_cluster_1_openbsd-1.conf /etc/pf_cluster_1_openbsd-1.conf
@ -299,7 +299,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_1_openbsd-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:28 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_1_openbsd-2.fw /etc/pf_cluster_1_openbsd-2.fw
# files: pf_cluster_1_openbsd-2.conf /etc/pf_cluster_1_openbsd-2.conf
@ -195,7 +195,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_2_freebsd-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:28 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_2_freebsd-1.fw /etc/pf_cluster_2_freebsd-1.fw
# files: pf_cluster_2_freebsd-1.conf /etc/pf_cluster_2_freebsd-1.conf
@ -301,7 +301,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_2_freebsd-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:28 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_2_freebsd-2.fw /etc/pf_cluster_2_freebsd-2.fw
# files: pf_cluster_2_freebsd-2.conf /etc/pf_cluster_2_freebsd-2.conf
@ -197,7 +197,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_3_openbsd-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:29 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_3_openbsd-3.fw /etc/pf_cluster_3_openbsd-3.fw
# files: pf_cluster_3_openbsd-3.conf /etc/pf_cluster_3_openbsd-3.conf
@ -302,7 +302,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:29 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_3_openbsd-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:29 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_3_openbsd-4.fw /etc/pf_cluster_3_openbsd-4.fw
# files: pf_cluster_3_openbsd-4.conf /etc/pf_cluster_3_openbsd-4.conf
@ -199,7 +199,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:29 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/pf_cluster_4_rc.conf.local
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.1.ma_1
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Fri May 6 18:05:47 2011 PDT by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_4_rc.conf.local /etc/pf_cluster_4_rc.conf.local
# files: pf_cluster_4_pf.conf /etc/pf_cluster_4_pf.conf

6
test/pf/pf_cluster_5_openbsd-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:29 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_5_openbsd-3.fw /etc/pf_cluster_5_openbsd-3.fw
# files: pf_cluster_5_openbsd-3.conf /etc/pf_cluster_5_openbsd-3.conf
@ -302,7 +302,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:29 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_5_openbsd-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3499
# Firewall Builder fwb_pf v4.3.0.1
#
# Generated Sat Mar 12 19:45:29 2011 PST by vadim
# Generated Tue May 10 14:53:34 2011 PDT by vadim
#
# files: * pf_cluster_5_openbsd-4.fw /etc/pf_cluster_5_openbsd-4.fw
# files: pf_cluster_5_openbsd-4.conf /etc/pf_cluster_5_openbsd-4.conf
@ -199,7 +199,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Sat Mar 12 19:45:29 2011 by vadim"
log "Activating firewall script generated Tue May 10 14:53:34 2011 by vadim"
set_kernel_vars
configure_interfaces