onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 02:37:16 +01:00
Code Issues Releases Wiki Activity
fwbuilder/test/pix/firewall34.fw.orig
Vadim Kurland 4d6302a4cc * CompilerDriver_pix_run.cpp (pixNetworkZoneChecks): see SF bug 
3213019 "FWSM Network zone and IPv6". Currently we do not support
ipv6 with PIX/ASA and FWSM. If user creates a group to be used as
network zone object and places ipv6 address in it, this address
should be ignored while compiling the policy but this should not
be an error.
2011-04-07 11:05:46 -07:00

254 lines
8.6 KiB
Plaintext
Executable File
Raw Blame History

!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3519
!
! Generated Thu Apr 7 10:50:17 2011 PDT by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported
! Emulate outbound ACLs: no
! Generating outbound ACLs: no
! Assume firewall is part of any: no
!
!# files: * firewall34.fw
!
! testing AddressTable object
! C firewall34:Policy:1: error: File not found for Address Table: missing table (file_does_not_exist.tbl) Using dummy address in test mode
! C firewall34:Policy:1: error: File not found for Address Table: missing table (file_does_not_exist.tbl) Using dummy address in test mode
!
! Prolog script:
!
!
! End of prolog script:
!
nameif eth0.100 outside security0
nameif eth1 inside security100
no logging buffered
no logging console
no logging timestamp
no logging on
telnet timeout -1
clear ssh
aaa authentication ssh console LOCAL
ssh timeout -1
no snmp-server enable traps
no service resetinbound
no service resetoutside
no sysopt connection timewait
no sysopt nodnsalias inbound
no sysopt nodnsalias outbound
floodguard disable
clear object-group
object-group network id16988X10208.dst.net.0
network-object 192.168.1.1 255.255.255.255
network-object 192.168.1.2 255.255.255.255
network-object 192.168.1.3 255.255.255.252
network-object 192.168.1.200 255.255.255.255
network-object 192.168.1.201 255.255.255.255
exit
object-group network id4390C25825682.dst.net.0
network-object 58.33.181.83 255.255.255.255
network-object 58.53.82.190 255.255.255.255
network-object 58.231.13.78 255.255.255.255
network-object host 61.150.47.112
network-object 61.184.14.102 255.255.255.255
network-object 64.106.85.186 255.255.255.255
network-object 70.228.60.100 255.255.255.255
network-object 80.51.236.6 255.255.255.255
network-object 80.243.72.149 255.255.255.255
network-object 80.249.77.34 255.255.255.255
network-object 81.2.36.254 255.255.255.255
network-object 81.196.74.125 255.255.255.255
network-object 82.77.37.174 255.255.255.255
network-object 82.117.221.205 255.255.255.255
network-object 82.143.196.17 255.255.255.255
network-object 84.90.8.198 255.255.255.255
network-object 151.8.224.178 255.255.255.255
network-object 168.156.76.20 255.255.255.255
network-object 193.207.126.36 255.255.255.255
network-object 195.136.186.35 255.255.255.255
network-object 196.15.136.15 255.255.255.255
network-object 201.10.180.138 255.255.255.255
network-object 201.17.93.16 255.255.255.255
network-object 201.36.156.121 255.255.255.255
network-object 202.96.112.93 255.255.255.255
network-object 202.103.25.253 255.255.255.255
network-object 203.162.3.209 255.255.255.255
network-object 203.209.124.144 255.255.255.255
network-object 210.106.193.237 255.255.255.255
network-object 210.222.114.102 255.255.255.255
network-object 211.144.143.143 255.255.255.255
network-object 211.172.218.237 255.255.255.255
network-object 211.250.16.132 255.255.255.255
network-object 212.21.241.31 255.255.255.255
network-object 212.100.212.100 255.255.255.255
network-object 218.18.72.252 255.255.255.255
network-object 218.39.114.122 255.255.255.255
network-object 218.55.115.43 255.255.255.255
network-object 218.104.138.146 255.255.255.255
network-object 219.132.104.160 255.255.255.255
network-object 220.71.17.86 255.255.255.255
network-object 220.81.50.105 255.255.255.255
network-object 220.91.99.46 255.255.255.255
network-object 221.14.249.242 255.255.255.255
network-object 221.166.177.135 255.255.255.255
network-object 221.198.33.38 255.255.255.255
network-object 221.202.160.233 255.255.255.255
network-object 221.205.54.125 255.255.255.255
network-object 221.217.44.248 255.255.255.255
network-object 222.100.212.223 255.255.255.255
network-object 222.121.118.144 255.255.255.255
network-object 222.174.113.2 255.255.255.255
exit
object-group network id4388CFF8674.src.net.0
network-object 58.33.181.83 255.255.255.255
network-object 58.53.82.190 255.255.255.255
network-object 58.231.13.78 255.255.255.255
network-object 61.150.47.112 255.255.255.255
network-object 61.184.14.102 255.255.255.255
network-object 64.106.85.186 255.255.255.255
network-object 70.228.60.100 255.255.255.255
network-object 80.51.236.6 255.255.255.255
network-object 80.243.72.149 255.255.255.255
network-object 80.249.77.34 255.255.255.255
network-object 81.2.36.254 255.255.255.255
network-object 81.196.74.125 255.255.255.255
network-object 82.77.37.174 255.255.255.255
network-object 82.117.221.205 255.255.255.255
network-object 82.143.196.17 255.255.255.255
network-object 84.90.8.198 255.255.255.255
network-object 151.8.224.178 255.255.255.255
network-object 168.156.76.20 255.255.255.255
network-object 193.207.126.36 255.255.255.255
network-object 195.136.186.35 255.255.255.255
network-object 196.15.136.15 255.255.255.255
network-object 201.10.180.138 255.255.255.255
network-object 201.17.93.16 255.255.255.255
network-object 201.36.156.121 255.255.255.255
network-object 202.96.112.93 255.255.255.255
network-object 202.103.25.253 255.255.255.255
network-object 203.162.3.209 255.255.255.255
network-object 203.209.124.144 255.255.255.255
network-object 210.106.193.237 255.255.255.255
network-object 210.222.114.102 255.255.255.255
network-object 211.144.143.143 255.255.255.255
network-object 211.172.218.237 255.255.255.255
network-object 211.250.16.132 255.255.255.255
network-object 212.21.241.31 255.255.255.255
network-object 212.100.212.100 255.255.255.255
network-object 218.18.72.252 255.255.255.255
network-object 218.39.114.122 255.255.255.255
network-object 218.55.115.43 255.255.255.255
network-object 218.104.138.146 255.255.255.255
network-object 219.132.104.160 255.255.255.255
network-object 220.71.17.86 255.255.255.255
network-object 220.81.50.105 255.255.255.255
network-object 220.91.99.46 255.255.255.255
network-object 221.14.249.242 255.255.255.255
network-object 221.166.177.135 255.255.255.255
network-object 221.198.33.38 255.255.255.255
network-object 221.202.160.233 255.255.255.255
network-object 221.205.54.125 255.255.255.255
network-object 221.217.44.248 255.255.255.255
network-object 222.100.212.223 255.255.255.255
network-object 222.121.118.144 255.255.255.255
network-object 222.174.113.2 255.255.255.255
exit
object-group network id21263X16880.src.net.0
network-object 10.1.0.0 255.255.255.0
network-object 10.1.2.0 255.255.255.0
network-object 10.1.3.0 255.255.255.0
network-object 10.1.4.0 255.255.255.0
exit
!################
!
! Rule 0 (global)
access-list outside_acl_in permit ip any 192.168.2.128 255.255.255.128
access-list inside_acl_in permit ip any 192.168.2.128 255.255.255.128
access-list outside_acl_in permit ip any object-group id16988X10208.dst.net.0
access-list inside_acl_in permit ip any object-group id16988X10208.dst.net.0
!
! Rule 1 (global)
! firewall34:Policy:1: error: File not found for Address Table: missing table (file_does_not_exist.tbl) Using dummy address in test mode
access-list outside_acl_in permit ip any 192.0.2.0 255.255.255.0
access-list inside_acl_in permit ip any 192.0.2.0 255.255.255.0
!
! Rule 2 (global)
access-list outside_acl_in deny ip any object-group id4390C25825682.dst.net.0 log 6 interval 300
access-list inside_acl_in deny ip any object-group id4390C25825682.dst.net.0 log 6 interval 300
!
! Rule 3 (global)
access-list outside_acl_in deny tcp any object-group id4390C25825682.dst.net.0 eq 25
access-list inside_acl_in deny tcp any object-group id4390C25825682.dst.net.0 eq 25
!
! Rule 5 (global)
access-list outside_acl_in deny ip object-group id4388CFF8674.src.net.0 any log 6 interval 300
!
! Rule 6 (global)
access-list outside_acl_in deny ip object-group id4390C25825682.dst.net.0 any log 6 interval 300
!
! Rule 7 (global)
access-list outside_acl_in permit ip object-group id4390C25825682.dst.net.0 any
!
! Rule 8 (global)
! for #1917
access-list outside_acl_in deny ip object-group id21263X16880.src.net.0 any
!
! Rule 10 (global)
access-list outside_acl_in permit tcp any host 192.168.1.10 eq 25
access-list inside_acl_in permit tcp any host 192.168.1.10 eq 25
!
! Rule 11 (global)
access-list inside_acl_in permit ip 192.168.1.0 255.255.255.0 any
!
! Rule 12 (global)
access-list outside_acl_in deny ip any any log 6 interval 300
access-list inside_acl_in deny ip any any log 6 interval 300
access-group inside_acl_in in interface inside
access-group outside_acl_in in interface outside
!
! Epilog script:
!
! End of epilog script:
!
Reference in New Issue View Git Blame Copy Permalink