# Tables: (4) table { 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 } table { www.google.com , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 } table { www.google.com , www.cnn.com } table { 74.125.224.80 , 74.125.224.81 , 74.125.224.82 , 74.125.224.83 , 74.125.224.84 , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 } # # Rule 0 (NAT) nat on eth0.100 from any to -> (eth0.100) # # Rule 1 (NAT) nat on eth0.100 from any to www.cnn.com -> (eth0.100) # # Rule 2 (NAT) nat on eth0.100 from any to -> (eth0.100) # # Rule 3 (NAT) nat on eth0.100 from any to ! -> (eth0.100) # Policy compiler errors and warnings: # firewall33:Policy:2: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode # firewall33:Policy:6: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode # # Rule 0 (global) pass quick inet from to any keep state label "RULE 0 -- ACCEPT on global " # # Rule 1 (global) pass quick inet from www.cnn.com to any keep state label "RULE 1 -- ACCEPT on global " # # Rule 2 (global) # firewall33:Policy:2: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode pass quick inet from 192.0.2.1 to any keep state label "RULE 2 -- ACCEPT on global " # # Rule 3 (global) pass quick inet from buildmaster to any keep state label "RULE 3 -- ACCEPT on global " # # Rule 4 (global) block quick inet from any to ! label "RULE 4 -- DROP on global " # # Rule 5 (global) block quick inet from any to ! www.cnn.com label "RULE 5 -- DROP on global " # # Rule 6 (global) # firewall33:Policy:6: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode pass quick inet from any to ! 192.0.2.1 keep state label "RULE 6 -- ACCEPT on global " # # Rule 7 (global) pass quick inet from any to ! buildmaster keep state label "RULE 7 -- ACCEPT on global " # # Rule 8 (global) pass quick inet from any to ! keep state label "RULE 8 -- ACCEPT on global " # # Rule 9 (global) pass quick inet from any to ! keep state label "RULE 9 -- ACCEPT on global " # # Rule 10 (global) pass quick inet from any to ! keep state label "RULE 10 -- ACCEPT on global " # # Rule 11 (global) block log quick inet from any to any label "RULE 11 -- DROP on global " # # Rule fallback rule # fallback rule block quick inet from any to any label "RULE 10000 -- DROP on global "