mirror of
https://github.com/fwbuilder/fwbuilder
synced 2026-03-19 17:57:22 +01:00
254 lines
8.8 KiB
Plaintext
Executable File
254 lines
8.8 KiB
Plaintext
Executable File
!
|
|
! This is automatically generated file. DO NOT MODIFY !
|
|
!
|
|
! Firewall Builder fwb_pix v4.2.0.3457
|
|
!
|
|
! Generated Thu Feb 3 10:07:02 2011 PST by vadim
|
|
!
|
|
! Compiled for pix 6.3
|
|
! Outbound ACLs: not supported
|
|
! Emulate outbound ACLs: no
|
|
! Generating outbound ACLs: no
|
|
! Assume firewall is part of any: no
|
|
!
|
|
!# files: * firewall34.fw
|
|
!
|
|
! testing AddressTable object
|
|
|
|
! C firewall34:Policy:1: error: File not found for Address Table: missing table (file_does_not_exist.tbl) Using dummy address in test mode
|
|
! C firewall34:Policy:1: error: File not found for Address Table: missing table (file_does_not_exist.tbl) Using dummy address in test mode
|
|
|
|
!
|
|
! Prolog script:
|
|
!
|
|
|
|
!
|
|
! End of prolog script:
|
|
!
|
|
|
|
|
|
|
|
|
|
nameif eth0.100 outside security0
|
|
|
|
nameif eth1 inside security100
|
|
|
|
|
|
no logging buffered
|
|
no logging console
|
|
no logging timestamp
|
|
no logging on
|
|
|
|
|
|
|
|
telnet timeout -1
|
|
|
|
clear ssh
|
|
aaa authentication ssh console LOCAL
|
|
ssh timeout -1
|
|
|
|
no snmp-server enable traps
|
|
|
|
|
|
|
|
|
|
no service resetinbound
|
|
no service resetoutside
|
|
no sysopt connection timewait
|
|
no sysopt nodnsalias inbound
|
|
no sysopt nodnsalias outbound
|
|
floodguard disable
|
|
|
|
|
|
|
|
clear conf object-group
|
|
clear conf object
|
|
|
|
|
|
object-group network id16988X10208.dst.net.0
|
|
network-object 192.168.1.1 255.255.255.255
|
|
network-object 192.168.1.2 255.255.255.255
|
|
network-object 192.168.1.3 255.255.255.252
|
|
network-object 192.168.1.200 255.255.255.255
|
|
network-object 192.168.1.201 255.255.255.255
|
|
exit
|
|
|
|
object-group network id4390C25825682.dst.net.0
|
|
network-object 58.33.181.83 255.255.255.255
|
|
network-object 58.53.82.190 255.255.255.255
|
|
network-object 58.231.13.78 255.255.255.255
|
|
network-object host 61.150.47.112
|
|
network-object 61.184.14.102 255.255.255.255
|
|
network-object 64.106.85.186 255.255.255.255
|
|
network-object 70.228.60.100 255.255.255.255
|
|
network-object 80.51.236.6 255.255.255.255
|
|
network-object 80.243.72.149 255.255.255.255
|
|
network-object 80.249.77.34 255.255.255.255
|
|
network-object 81.2.36.254 255.255.255.255
|
|
network-object 81.196.74.125 255.255.255.255
|
|
network-object 82.77.37.174 255.255.255.255
|
|
network-object 82.117.221.205 255.255.255.255
|
|
network-object 82.143.196.17 255.255.255.255
|
|
network-object 84.90.8.198 255.255.255.255
|
|
network-object 151.8.224.178 255.255.255.255
|
|
network-object 168.156.76.20 255.255.255.255
|
|
network-object 193.207.126.36 255.255.255.255
|
|
network-object 195.136.186.35 255.255.255.255
|
|
network-object 196.15.136.15 255.255.255.255
|
|
network-object 201.10.180.138 255.255.255.255
|
|
network-object 201.17.93.16 255.255.255.255
|
|
network-object 201.36.156.121 255.255.255.255
|
|
network-object 202.96.112.93 255.255.255.255
|
|
network-object 202.103.25.253 255.255.255.255
|
|
network-object 203.162.3.209 255.255.255.255
|
|
network-object 203.209.124.144 255.255.255.255
|
|
network-object 210.106.193.237 255.255.255.255
|
|
network-object 210.222.114.102 255.255.255.255
|
|
network-object 211.144.143.143 255.255.255.255
|
|
network-object 211.172.218.237 255.255.255.255
|
|
network-object 211.250.16.132 255.255.255.255
|
|
network-object 212.21.241.31 255.255.255.255
|
|
network-object 212.100.212.100 255.255.255.255
|
|
network-object 218.18.72.252 255.255.255.255
|
|
network-object 218.39.114.122 255.255.255.255
|
|
network-object 218.55.115.43 255.255.255.255
|
|
network-object 218.104.138.146 255.255.255.255
|
|
network-object 219.132.104.160 255.255.255.255
|
|
network-object 220.71.17.86 255.255.255.255
|
|
network-object 220.81.50.105 255.255.255.255
|
|
network-object 220.91.99.46 255.255.255.255
|
|
network-object 221.14.249.242 255.255.255.255
|
|
network-object 221.166.177.135 255.255.255.255
|
|
network-object 221.198.33.38 255.255.255.255
|
|
network-object 221.202.160.233 255.255.255.255
|
|
network-object 221.205.54.125 255.255.255.255
|
|
network-object 221.217.44.248 255.255.255.255
|
|
network-object 222.100.212.223 255.255.255.255
|
|
network-object 222.121.118.144 255.255.255.255
|
|
network-object 222.174.113.2 255.255.255.255
|
|
exit
|
|
|
|
object-group network id4388CFF8674.src.net.0
|
|
network-object 58.33.181.83 255.255.255.255
|
|
network-object 58.53.82.190 255.255.255.255
|
|
network-object 58.231.13.78 255.255.255.255
|
|
network-object 61.150.47.112 255.255.255.255
|
|
network-object 61.184.14.102 255.255.255.255
|
|
network-object 64.106.85.186 255.255.255.255
|
|
network-object 70.228.60.100 255.255.255.255
|
|
network-object 80.51.236.6 255.255.255.255
|
|
network-object 80.243.72.149 255.255.255.255
|
|
network-object 80.249.77.34 255.255.255.255
|
|
network-object 81.2.36.254 255.255.255.255
|
|
network-object 81.196.74.125 255.255.255.255
|
|
network-object 82.77.37.174 255.255.255.255
|
|
network-object 82.117.221.205 255.255.255.255
|
|
network-object 82.143.196.17 255.255.255.255
|
|
network-object 84.90.8.198 255.255.255.255
|
|
network-object 151.8.224.178 255.255.255.255
|
|
network-object 168.156.76.20 255.255.255.255
|
|
network-object 193.207.126.36 255.255.255.255
|
|
network-object 195.136.186.35 255.255.255.255
|
|
network-object 196.15.136.15 255.255.255.255
|
|
network-object 201.10.180.138 255.255.255.255
|
|
network-object 201.17.93.16 255.255.255.255
|
|
network-object 201.36.156.121 255.255.255.255
|
|
network-object 202.96.112.93 255.255.255.255
|
|
network-object 202.103.25.253 255.255.255.255
|
|
network-object 203.162.3.209 255.255.255.255
|
|
network-object 203.209.124.144 255.255.255.255
|
|
network-object 210.106.193.237 255.255.255.255
|
|
network-object 210.222.114.102 255.255.255.255
|
|
network-object 211.144.143.143 255.255.255.255
|
|
network-object 211.172.218.237 255.255.255.255
|
|
network-object 211.250.16.132 255.255.255.255
|
|
network-object 212.21.241.31 255.255.255.255
|
|
network-object 212.100.212.100 255.255.255.255
|
|
network-object 218.18.72.252 255.255.255.255
|
|
network-object 218.39.114.122 255.255.255.255
|
|
network-object 218.55.115.43 255.255.255.255
|
|
network-object 218.104.138.146 255.255.255.255
|
|
network-object 219.132.104.160 255.255.255.255
|
|
network-object 220.71.17.86 255.255.255.255
|
|
network-object 220.81.50.105 255.255.255.255
|
|
network-object 220.91.99.46 255.255.255.255
|
|
network-object 221.14.249.242 255.255.255.255
|
|
network-object 221.166.177.135 255.255.255.255
|
|
network-object 221.198.33.38 255.255.255.255
|
|
network-object 221.202.160.233 255.255.255.255
|
|
network-object 221.205.54.125 255.255.255.255
|
|
network-object 221.217.44.248 255.255.255.255
|
|
network-object 222.100.212.223 255.255.255.255
|
|
network-object 222.121.118.144 255.255.255.255
|
|
network-object 222.174.113.2 255.255.255.255
|
|
exit
|
|
|
|
object-group network id21263X16880.src.net.0
|
|
network-object 10.1.0.0 255.255.255.0
|
|
network-object 10.1.2.0 255.255.255.0
|
|
network-object 10.1.3.0 255.255.255.0
|
|
network-object 10.1.4.0 255.255.255.0
|
|
exit
|
|
|
|
|
|
!################
|
|
!
|
|
! Rule 0 (global)
|
|
access-list outside_acl_in permit ip any 192.168.2.128 255.255.255.128
|
|
access-list inside_acl_in permit ip any 192.168.2.128 255.255.255.128
|
|
access-list outside_acl_in permit ip any object-group id16988X10208.dst.net.0
|
|
access-list inside_acl_in permit ip any object-group id16988X10208.dst.net.0
|
|
!
|
|
! Rule 1 (global)
|
|
! firewall34:Policy:1: error: File not found for Address Table: missing table (file_does_not_exist.tbl) Using dummy address in test mode
|
|
access-list outside_acl_in permit ip any 192.0.2.0 255.255.255.0
|
|
! firewall34:Policy:1: error: File not found for Address Table: missing table (file_does_not_exist.tbl) Using dummy address in test mode
|
|
access-list inside_acl_in permit ip any 192.0.2.0 255.255.255.0
|
|
!
|
|
! Rule 2 (global)
|
|
access-list outside_acl_in deny ip any object-group id4390C25825682.dst.net.0 log 6 interval 300
|
|
access-list inside_acl_in deny ip any object-group id4390C25825682.dst.net.0 log 6 interval 300
|
|
!
|
|
! Rule 3 (global)
|
|
access-list outside_acl_in deny tcp any object-group id4390C25825682.dst.net.0 eq 25
|
|
access-list inside_acl_in deny tcp any object-group id4390C25825682.dst.net.0 eq 25
|
|
!
|
|
! Rule 5 (global)
|
|
access-list outside_acl_in deny ip object-group id4388CFF8674.src.net.0 any log 6 interval 300
|
|
!
|
|
! Rule 6 (global)
|
|
access-list outside_acl_in deny ip object-group id4390C25825682.dst.net.0 any log 6 interval 300
|
|
!
|
|
! Rule 7 (global)
|
|
access-list outside_acl_in permit ip object-group id4390C25825682.dst.net.0 any
|
|
!
|
|
! Rule 8 (global)
|
|
! for #1917
|
|
access-list outside_acl_in deny ip object-group id21263X16880.src.net.0 any
|
|
!
|
|
! Rule 10 (global)
|
|
access-list outside_acl_in permit tcp any host 192.168.1.10 eq 25
|
|
access-list inside_acl_in permit tcp any host 192.168.1.10 eq 25
|
|
!
|
|
! Rule 11 (global)
|
|
access-list inside_acl_in permit ip 192.168.1.0 255.255.255.0 any
|
|
!
|
|
! Rule 12 (global)
|
|
access-list outside_acl_in deny ip any any log 6 interval 300
|
|
access-list inside_acl_in deny ip any any log 6 interval 300
|
|
|
|
|
|
access-group inside_acl_in in interface inside
|
|
access-group outside_acl_in in interface outside
|
|
|
|
|
|
|
|
|
|
|
|
!
|
|
! Epilog script:
|
|
!
|
|
|
|
! End of epilog script:
|
|
!
|