[pve-firewall.git] / test / test-default-rules1 / tests

{ from => 'outside', to => 'host', action => 'DROP' }
{ from => 'host', to => 'outside', action => 'DROP' }

# traffic to other node
{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 21, action => 'DROP' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 22, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 3128, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 8006, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 5900, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 5999, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 6000, action => 'DROP' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', proto => 'udp', dport => 5404, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', proto => 'udp', dport => 5405, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.1.3', proto => 'udp', dport => 5406, action => 'DROP' }
{ from => 'host', to => 'outside', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'UNICAST', action => 'DROP' }
{ from => 'host', to => 'outside', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'MULTICAST', action => 'ACCEPT' }
{ from => 'host', to => 'outside', source => '172.16.2.2', dest => '172.16.2.3', proto => 'udp', dport => 5404, action => 'ACCEPT' }
{ from => 'host', to => 'outside', dest => '172.16.2.3', proto => 'udp', dport => 5404, action => 'DROP' }


# traffic from other node

{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 21, action => 'DROP' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 22, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 3128, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 8006, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 5900, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 5999, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 6000, action => 'DROP' }
{ from => 'outside', to => 'host', source => '172.16.1.3', proto => 'udp', dport => 5404, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.1.3', proto => 'udp', dport => 5405, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.1.3', proto => 'udp', dport => 5406, action => 'DROP' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'UNICAST', action => 'DROP' }
{ from => 'outside', to => 'host', source => '172.16.1.3', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'MULTICAST', action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.2.11', dest => '172.16.2.2', proto => 'udp', dport => 5404, action => 'ACCEPT' }
{ from => 'outside', to => 'host', source => '172.16.2.11', dest => '172.16.1.2', proto => 'udp', dport => 5404, action => 'DROP' }


{ from => 'host', to => 'ct200', action => 'DROP' }
{ from => 'outside', to => 'ct200', action => 'ACCEPT' }
{ to => 'ct201', action => 'DROP' }
{ from => 'host', to => 'vm100', action => 'DROP' }
{ from => 'outside', to => 'vm100', action => 'ACCEPT' }
{ to => 'vm101', action => 'DROP' }
Commit	Line	Data
318d0f92 DM	1	{ from => 'outside', to => 'host', action => 'DROP' }
	2	{ from => 'host', to => 'outside', action => 'DROP' }
	3
	4	# traffic to other node
	5	{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 21, action => 'DROP' }
	6	{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 22, action => 'ACCEPT' }
	7	{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 3128, action => 'ACCEPT' }
	8	{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 8006, action => 'ACCEPT' }
	9	{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 5900, action => 'ACCEPT' }
	10	{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 5999, action => 'ACCEPT' }
	11	{ from => 'host', to => 'outside', dest => '172.16.1.3', dport => 6000, action => 'DROP' }
	12	{ from => 'host', to => 'outside', dest => '172.16.1.3', proto => 'udp', dport => 5404, action => 'ACCEPT' }
	13	{ from => 'host', to => 'outside', dest => '172.16.1.3', proto => 'udp', dport => 5405, action => 'ACCEPT' }
	14	{ from => 'host', to => 'outside', dest => '172.16.1.3', proto => 'udp', dport => 5406, action => 'DROP' }
4a9ce6d3 DM	15	{ from => 'host', to => 'outside', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'UNICAST', action => 'DROP' }
4a9ce6d3 DM	16	{ from => 'host', to => 'outside', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'MULTICAST', action => 'ACCEPT' }
6f6a6b3f SR	17	{ from => 'host', to => 'outside', source => '172.16.2.2', dest => '172.16.2.3', proto => 'udp', dport => 5404, action => 'ACCEPT' }
6f6a6b3f SR	18	{ from => 'host', to => 'outside', dest => '172.16.2.3', proto => 'udp', dport => 5404, action => 'DROP' }
318d0f92 DM	19
	20
	21	# traffic from other node
	22
	23	{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 21, action => 'DROP' }
	24	{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 22, action => 'ACCEPT' }
	25	{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 3128, action => 'ACCEPT' }
	26	{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 8006, action => 'ACCEPT' }
	27	{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 5900, action => 'ACCEPT' }
	28	{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 5999, action => 'ACCEPT' }
	29	{ from => 'outside', to => 'host', source => '172.16.1.3', dport => 6000, action => 'DROP' }
	30	{ from => 'outside', to => 'host', source => '172.16.1.3', proto => 'udp', dport => 5404, action => 'ACCEPT' }
	31	{ from => 'outside', to => 'host', source => '172.16.1.3', proto => 'udp', dport => 5405, action => 'ACCEPT' }
	32	{ from => 'outside', to => 'host', source => '172.16.1.3', proto => 'udp', dport => 5406, action => 'DROP' }
4a9ce6d3 DM	33	{ from => 'outside', to => 'host', source => '172.16.1.3', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'UNICAST', action => 'DROP' }
4a9ce6d3 DM	34	{ from => 'outside', to => 'host', source => '172.16.1.3', dest => '239.192.158.83', proto => 'udp', dport => 5404, dsttype => 'MULTICAST', action => 'ACCEPT' }
6f6a6b3f SR	35	{ from => 'outside', to => 'host', source => '172.16.2.11', dest => '172.16.2.2', proto => 'udp', dport => 5404, action => 'ACCEPT' }
6f6a6b3f SR	36	{ from => 'outside', to => 'host', source => '172.16.2.11', dest => '172.16.1.2', proto => 'udp', dport => 5404, action => 'DROP' }
318d0f92 DM	37
	38
	39	{ from => 'host', to => 'ct200', action => 'DROP' }
	40	{ from => 'outside', to => 'ct200', action => 'ACCEPT' }
	41	{ to => 'ct201', action => 'DROP' }
	42	{ from => 'host', to => 'vm100', action => 'DROP' }
	43	{ from => 'outside', to => 'vm100', action => 'ACCEPT' }
	44	{ to => 'vm101', action => 'DROP' }
	45