fwbuilder/test/iosacl/firewall-ipv6-1.fw.orig

!
!  This is automatically generated file. DO NOT MODIFY !
!
!  Firewall Builder  fwb_iosacl v4.2.0.3483
!
!  Generated Sun Feb 20 21:26:39 2011 PST by vadim
!
! Compiled for iosacl 12.1
!
!# files: * firewall-ipv6-1.fw
!

! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 3 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 4 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 4 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:2: error: Rule 'fw-ipv6-1-ipv6 2 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 6 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:2: error: Rule 'fw-ipv6-1-ipv6 2 (global)' shadows rule 'fw-ipv6-1-ipv6 6 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 10 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 10 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 11 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 11 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 11 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 11 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it

!
! Prolog script:
!

!
! End of prolog script:
!



! temporary access list for "safety net install"
no ipv6 access-list tmp_acl
ipv6 access-list tmp_acl
  permit ipv6 host fe80::21d:9ff:aaaa:bbbb any 
  permit icmp any any
  deny ipv6 any any 
exit
interface Ethernet0/0
  no ipv6 traffic-filter in
  no ipv6 traffic-filter out
  ipv6 traffic-filter tmp_acl in
exit
no ip access-list extended fw-ipv6-1-ipv4_e0_0_in
no ip access-list extended fw-ipv6-1-ipv4_e0_0_out
no ipv6 access-list ipv6_e0_0_in
no ipv6 access-list ipv6_e0_0_out

! ================ IPv4


ip access-list extended fw-ipv6-1-ipv4_e0_0_in
! 
! Rule  fw-ipv6-1-ipv4 1 (global)
  permit 50  host 61.150.47.112 any  dscp af12 
  permit 50  host 192.168.1.0 any  dscp af12 
exit

ip access-list extended fw-ipv6-1-ipv4_e0_0_out
  permit 50  host 61.150.47.112 any  dscp af12 
  permit 50  host 192.168.1.0 any  dscp af12 
exit





! ================ IPv6


ipv6 access-list ipv6_e0_0_in
! 
! Rule  fw-ipv6-1-ipv6 0 (global)
  permit tcp  fe80::/64 any  eq 22 
! 
! Rule  fw-ipv6-1-ipv6 1 (global)
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 3 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 4 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 6 (global)'  below it

  permit tcp  host 2001:5c0:0:2::24 any  eq 22 
! 
! Rule  fw-ipv6-1-ipv6 2 (global)
! firewall-ipv6-1:fw-ipv6-1-ipv6:2: error: Rule 'fw-ipv6-1-ipv6 2 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:2: error: Rule 'fw-ipv6-1-ipv6 2 (global)' shadows rule 'fw-ipv6-1-ipv6 6 (global)'  below it

  permit tcp  host 3ffe:1200:2001:1:8000::1 host fe80::21d:9ff:fe8b:8e94 eq 22 log 
! 
! Rule  fw-ipv6-1-ipv6 3 (global)
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 4 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it

  permit tcp  host 2001:5c0:0:2::24 any  eq 22 log 
  permit tcp  3ffe:1200:2000::/36 any  eq 22 log 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  eq 22 log 
! 
! Rule  fw-ipv6-1-ipv6 4 (global)
  permit tcp  host 2001:5c0:0:2::24 any  eq 22 log 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  eq 22 log 
! 
! Rule  fw-ipv6-1-ipv6 5 (global)
  permit tcp  host 2001:5c0:0:2::24 host fe80::21d:9ff:fe8b:8e94 eq 22 log 
  permit tcp  3ffe:1200:2000::/36 host fe80::21d:9ff:fe8b:8e94 eq 22 log 
  permit tcp  host 3ffe:1200:2001:1:8000::1 host fe80::21d:9ff:fe8b:8e94 eq 22 log 
! 
! Rule  fw-ipv6-1-ipv6 6 (global)
  permit tcp  host 2001:5c0:0:2::24 host fe80::21d:9ff:fe8b:8e94 eq 22 log 
  permit tcp  host 3ffe:1200:2001:1:8000::1 host fe80::21d:9ff:fe8b:8e94 eq 22 log 
! 
! Rule  fw-ipv6-1-ipv6 7 (global)
  permit ipv6  any  host fe80::21d:9ff:fe8b:8e94 log 
! 
! Rule  fw-ipv6-1-ipv6 8 (global)
  permit ipv6  fe80::/64 any  log 
! 
! Rule  fw-ipv6-1-ipv6 9 (global)
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 10 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 11 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it

  permit ipv6  host 2001:5c0:0:2::24 any  log 
  permit ipv6  3ffe:1200:2000::/36 any  log 
  permit ipv6  host 3ffe:1200:2001:1:8000::1 any  log 
! 
! Rule  fw-ipv6-1-ipv6 10 (global)
  permit ipv6  host 2001:5c0:0:2::24 any  log 
  permit ipv6  host 3ffe:1200:2001:1:8000::1 any  log 
! 
! Rule  fw-ipv6-1-ipv6 11 (global)
  permit 50  host 2001:5c0:0:2::24 any  dscp af11 
  permit 50  host 3ffe:1200:2001:1:8000::1 any  dscp af11 
! 
! Rule  fw-ipv6-1-ipv6 12 (global)
  permit tcp  host 2001:5c0:0:2::24 any  established 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  established 
! 
! Rule  fw-ipv6-1-ipv6 13 (global)
  permit tcp  host 2001:5c0:0:2::24 any  eq 22 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  eq 22 
  permit udp  host 2001:5c0:0:2::24 any  eq 161 
  permit udp  host 3ffe:1200:2001:1:8000::1 any  eq 161 
  permit icmp  host 2001:5c0:0:2::24 any  128 
  permit icmp  host 3ffe:1200:2001:1:8000::1 any  128 
  permit tcp  host 2001:5c0:0:2::24 any  established 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  established 
exit

ipv6 access-list ipv6_e0_0_out
! 
! Rule  fw-ipv6-1-ipv6 0 (global)
  permit tcp  fe80::/64 any  eq 22 
! 
! Rule  fw-ipv6-1-ipv6 1 (global)
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 3 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 4 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 6 (global)'  below it

  permit tcp  host 2001:5c0:0:2::24 any  eq 22 
! 
! Rule  fw-ipv6-1-ipv6 3 (global)
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 4 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 5 (global)'  below it

  permit tcp  host 2001:5c0:0:2::24 any  eq 22 log 
  permit tcp  3ffe:1200:2000::/36 any  eq 22 log 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  eq 22 log 
! 
! Rule  fw-ipv6-1-ipv6 4 (global)
  permit tcp  host 2001:5c0:0:2::24 any  eq 22 log 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  eq 22 log 
! 
! Rule  fw-ipv6-1-ipv6 8 (global)
  permit ipv6  fe80::/64 any  log 
! 
! Rule  fw-ipv6-1-ipv6 9 (global)
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 10 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 11 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)'  below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)'  below it

  permit ipv6  host 2001:5c0:0:2::24 any  log 
  permit ipv6  3ffe:1200:2000::/36 any  log 
  permit ipv6  host 3ffe:1200:2001:1:8000::1 any  log 
! 
! Rule  fw-ipv6-1-ipv6 10 (global)
  permit ipv6  host 2001:5c0:0:2::24 any  log 
  permit ipv6  host 3ffe:1200:2001:1:8000::1 any  log 
! 
! Rule  fw-ipv6-1-ipv6 11 (global)
  permit 50  host 2001:5c0:0:2::24 any  dscp af11 
  permit 50  host 3ffe:1200:2001:1:8000::1 any  dscp af11 
! 
! Rule  fw-ipv6-1-ipv6 12 (global)
  permit tcp  host 2001:5c0:0:2::24 any  established 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  established 
! 
! Rule  fw-ipv6-1-ipv6 13 (global)
  permit tcp  host 2001:5c0:0:2::24 any  eq 22 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  eq 22 
  permit udp  host 2001:5c0:0:2::24 any  eq 161 
  permit udp  host 3ffe:1200:2001:1:8000::1 any  eq 161 
  permit icmp  host 2001:5c0:0:2::24 any  128 
  permit icmp  host 3ffe:1200:2001:1:8000::1 any  128 
  permit tcp  host 2001:5c0:0:2::24 any  established 
  permit tcp  host 3ffe:1200:2001:1:8000::1 any  established 
exit


interface Ethernet0/0
  ipv6 traffic-filter ipv6_e0_0_in in
exit
interface Ethernet0/0
  ipv6 traffic-filter ipv6_e0_0_out out
exit





!
! Epilog script:
!

! End of epilog script:
!