onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-18 17:27:20 +01:00
Code Issues Releases Wiki Activity
fwbuilder/test/iosacl/testios20-v12.3.fw.orig

213 lines
4.4 KiB
Plaintext
Executable File
Raw Blame History

!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
!
! Generated Mon Mar 21 12:46:00 2011 PDT by vadim
!
! Compiled for iosacl 12.3
!
!# files: * testios20-v12.3.fw
!
! testios20-v12.3:Policy:10: error: IP options match requires IOS v12.4 or later.
! testios20-v12.3:Policy:10: error: IP options match requires IOS v12.4 or later.
! testios20-v12.3:Policy:10: error: IP options match requires IOS v12.4 or later.
! testios20-v12.3:Policy:10: error: IP options match requires IOS v12.4 or later.
! testios20-v12.3:Policy:11: error: IP options match requires IOS v12.4 or later.
!
! Prolog script:
!
!
! End of prolog script:
!
hostname testios20-v12.3
no ip access-list extended e0_in
no ip access-list extended e0_out
no ip access-list extended e1_in
no ip access-list extended e1_out
! ================ IPv4
ip access-list extended e0_in
!
! Rule 0 (global)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 2 (ethernet0)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 3 (global)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 5 (ethernet0)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 6 (global)
permit ip any any tos 16
!
! Rule 7 (global)
permit ip any any dscp 16
!
! Rule 8 (global)
permit ip any any dscp af11
!
! Rule 9 (global)
permit ip any any dscp 16
permit ip any any dscp af11
!
! Rule 10 (ethernet0)
permit ip any any option lsr
permit ip any any option record-route
permit ip any any option ssr
permit ip any any
!
! Rule 11 (ethernet0)
permit ip any any option any-options
!
! Rule 12 (global)
permit ip any any
!
! Rule 13 (global)
deny ip any any log
exit
ip access-list extended e0_out
!
! Rule 2 (ethernet0)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 6 (global)
permit ip any any tos 16
!
! Rule 7 (global)
permit ip any any dscp 16
!
! Rule 8 (global)
permit ip any any dscp af11
!
! Rule 9 (global)
permit ip any any dscp 16
permit ip any any dscp af11
!
! Rule 12 (global)
permit ip any any
!
! Rule 13 (global)
deny ip any any log
exit
ip access-list extended e1_in
!
! Rule 0 (global)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 1 (ethernet1)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 3 (global)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 4 (ethernet1)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 6 (global)
permit ip any any tos 16
!
! Rule 7 (global)
permit ip any any dscp 16
!
! Rule 8 (global)
permit ip any any dscp af11
!
! Rule 9 (global)
permit ip any any dscp 16
permit ip any any dscp af11
!
! Rule 12 (global)
permit ip any any
!
! Rule 13 (global)
deny ip any any log
exit
ip access-list extended e1_out
!
! Rule 0 (global)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 1 (ethernet1)
permit ip any 10.10.10.0 0.0.0.255
permit ip any 10.10.11.0 0.0.0.255
permit ip any 10.10.12.0 0.0.0.255
!
! Rule 6 (global)
permit ip any any tos 16
!
! Rule 7 (global)
permit ip any any dscp 16
!
! Rule 8 (global)
permit ip any any dscp af11
!
! Rule 9 (global)
permit ip any any dscp 16
permit ip any any dscp af11
!
! Rule 12 (global)
permit ip any any
!
! Rule 13 (global)
deny ip any any log
exit
interface ethernet0
ip access-group e0_in in
exit
interface ethernet0
ip access-group e0_out out
exit
interface ethernet1
ip access-group e1_in in
exit
interface ethernet1
ip access-group e1_out out
exit
!
! Epilog script:
!
! End of epilog script:
!
Reference in New Issue View Git Blame Copy Permalink