onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-18 17:27:20 +01:00
Code Issues Releases Wiki Activity
fwbuilder/test/pix/firewall13.fw.orig

135 lines
2.9 KiB
Plaintext
Executable File
Raw Blame History

!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3530
!
! Generated Wed Apr 20 10:40:36 2011 PDT by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported
! Emulate outbound ACLs: yes
! Generating outbound ACLs: no
! Assume firewall is part of any: no
!
!# files: * firewall13.fw
!
! various policy NAT rules per examples from
! http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#1113601
!
! Prolog script:
!
no sysopt connection timewait
no sysopt security fragguard
no sysopt nodnsalias inbound
no sysopt nodnsalias outbound
!
! End of prolog script:
!
nameif eth0 outside security0
nameif eth2 inside security100
no logging buffered
no logging console
no logging timestamp
no logging on
timeout xlate 3:0:0
timeout conn 1:0:0
timeout udp 0:2:0
timeout rpc 0:10:0
timeout h323 0:5:0
timeout sip 0:30:0
timeout sip_media 0:2:0
timeout uauth 2:0:0 absolute
telnet timeout 5
aaa authentication ssh console LOCAL
ssh timeout 5
no snmp-server enable traps
no service resetinbound
no service resetoutside
no sysopt connection timewait
no sysopt nodnsalias inbound
no sysopt nodnsalias outbound
floodguard enable
!################
!
! Rule 0 (global)
access-list outside_acl_in permit ip 192.168.1.0 255.255.255.0 any
!
! Rule 1 (global)
access-list outside_acl_in deny ip any any
access-list inside_acl_in deny ip any any
access-group inside_acl_in in interface inside
access-group outside_acl_in in interface outside
!
! Rule 0 (NAT)
global (outside) 1 interface
access-list id3FA349A3.0 permit ip 10.1.2.0 255.255.255.0 209.165.201.0 255.255.255.224
!
! Rule 1 (NAT)
global (outside) 1 interface
access-list id3FA34CB5.0 permit ip 10.1.2.0 255.255.255.0 209.165.200.224 255.255.255.224
!
! Rule 2 (NAT)
access-list id3FA349A3.0 permit tcp 10.1.2.0 255.255.255.0 host 209.165.201.11 eq 80
nat (inside) 1 access-list id3FA349A3.0 0 0
!
! Rule 3 (NAT)
access-list id3FA34CB5.0 permit tcp 10.1.2.0 255.255.255.0 host 209.165.201.11 eq 23
!
! Rule 4 (NAT)
!
!
!
! Rule 5 (NAT)
access-list id3FA35071.0 permit ip host 10.1.2.27 209.165.201.0 255.255.255.224
static (inside,outside) interface access-list id3FA35071.0 0 0
!
! Rule 6 (NAT)
access-list id3FA35063.0 permit ip host 10.1.2.27 209.165.200.224 255.255.255.224
static (inside,outside) interface access-list id3FA35063.0 0 0
!
! Rule 7 (NAT)
access-list id3FA44ABB.0 permit tcp host 10.1.2.27 eq 80 host 209.165.200.225
access-list id3FA44ABB.1 permit tcp host 10.1.2.27 eq 81 host 209.165.200.225
access-list id3FA44ABB.0 permit tcp host 10.1.2.27 eq 80 host 209.165.201.11
static (inside,outside) tcp interface 80 access-list id3FA44ABB.0 0 0
access-list id3FA44ABB.1 permit tcp host 10.1.2.27 eq 81 host 209.165.201.11
static (inside,outside) tcp interface 81 access-list id3FA44ABB.1 0 0
!
! Epilog script:
!
! End of epilog script:
!
Reference in New Issue View Git Blame Copy Permalink