mirror of
https://github.com/fwbuilder/fwbuilder
synced 2026-03-19 17:57:22 +01:00
25 lines
595 B
Plaintext
25 lines
595 B
Plaintext
|
|
|
|
#
|
|
# Scrub rules
|
|
#
|
|
scrub in all fragment reassemble no-df
|
|
scrub out all random-id min-ttl 64 max-mss 1460
|
|
|
|
|
|
# Tables: (1)
|
|
table <tbl.r9998.d> { 10.1.1.50 , 10.3.14.50 , 10.100.101.1 , 10.100.103.1 }
|
|
|
|
#
|
|
# Rule backup ssh access rule
|
|
# backup ssh access rule
|
|
pass in quick inet proto tcp from 10.3.14.30 to <tbl.r9998.d> port 22 label "RULE 9998 -- ACCEPT "
|
|
#
|
|
# Rule 0 (global)
|
|
block log quick inet from any to any no state label "RULE 0 -- DROP "
|
|
#
|
|
# Rule fallback rule
|
|
# fallback rule
|
|
block quick inet from any to any no state label "RULE 10000 -- DROP "
|
|
|