onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-20 10:17:16 +01:00
Code Issues Releases Wiki Activity
fwbuilder/test/pix/firewall6.fw.orig
Vadim Kurland 59f40e5d71 * PolicyCompiler_pix.cpp (printPreambleCommands): see #2347 "FWSM 
move up the "access-list mode auto-commit" command". Command that
configures access list commit mode should be issued before any
commands that clear and configure access lists. Also in this
change moving commands that set up temporary access list to the
top of the script.
2011-04-14 12:11:15 -07:00

125 lines
2.1 KiB
Plaintext
Executable File
Raw Blame History

!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3526
!
! Generated Thu Apr 14 12:07:19 2011 PDT by vadim
!
! Compiled for pix 6.2
! Outbound ACLs: not supported
! Emulate outbound ACLs: yes
! Generating outbound ACLs: no
! Assume firewall is part of any: yes
!
!# files: * firewall6.fw
!
! testing rule with firewall in dst and negation
!
! Prolog script:
!
!
! End of prolog script:
!
nameif eth0 inside security100
nameif eth1 outside security0
nameif eth2 dmz security50
logging host outside 10.3.14.30
logging queue 512
logging facility 20
logging trap 4
logging buffered 5
logging console 0
logging timestamp
logging on
timeout xlate 3:0:0
timeout conn 1:0:0
timeout udp 0:2:0
timeout rpc 0:10:0
timeout h323 0:5:0
timeout sip 0:30:0
timeout sip_media 0:0:0
timeout uauth 2:0:0 absolute
clear ssh
aaa authentication ssh console LOCAL
clear snmp-server
no snmp-server enable traps
clear ntp
no service resetinbound
no service resetoutside
no sysopt connection timewait
no sysopt security fragguard
no sysopt nodnsalias inbound
no sysopt nodnsalias outbound
no sysopt route dnat
floodguard disable
!################
clear xlate
clear static
clear global
clear nat
clear access-list
clear icmp
clear telnet
!
! Rule 0 (eth1)
access-list outside_acl_in deny ip any host 22.22.22.22
!
! Rule 1 (global)
access-list inside_acl_in deny ip any host 192.168.1.1
access-list outside_acl_in deny ip any host 22.22.22.22
access-list dmz_acl_in deny ip any host 192.168.2.1
access-group dmz_acl_in in interface dmz
access-group inside_acl_in in interface inside
access-group outside_acl_in in interface outside
!
! Rule 0 (NAT)
static (inside,dmz) 192.168.10.0 192.168.10.0 netmask 255.255.255.0
static (inside,dmz) 192.168.20.0 192.168.20.0 netmask 255.255.255.0
!
! Rule 1 (NAT)
static (inside,outside) 192.168.1.1 192.168.1.1 netmask 255.255.255.255
!
! Rule 2 (NAT)
global (outside) 1 interface
nat (inside) 1 192.168.1.10 255.255.255.255 0 0
!
! Epilog script:
!
! End of epilog script:
!
Reference in New Issue View Git Blame Copy Permalink