example/100.fw

   1 # Example VM firewall configuration
   2
   3 [OPTIONS] # VM specific firewall options
   4
   5 # disable/enable the whole thing
   6 enable: 1
   7
   8 # disable/enable MAC address filter
   9 macfilter: 0
  10
  11 # default policy
  12 policy-in: DROP
  13 policy-out: REJECT
  14
  15 # filter SMURFS
  16 nosmurfs: 1
  17
  18 # filter illegal combinations of TCP flags
  19 tcpflags: 1
  20
  21 # enable DHCP
  22 dhcp: 1
  23
  24
  25 [IN]
  26
  27 #ACTION IFACE SOURCE DEST PROTO D-PORT S-PORT
  28
  29 SSH(ACCEPT) net0
  30 SSH(ACCEPT) net0 # a comment
  31 SSH(ACCEPT) net0 192.168.2.192  # only allow SSH from  192.168.2.192
  32 |SSH(ACCEPT) net0 # disbaled rule
  33
  34 [OUT]
  35
  36
  37 DNS(ACCEPT) net0
  38 Ping(ACCEPT) net0
  39 SSH(ACCEPT)
  40
  41
  42