3 # enable firewall (cluster wide setting, default is disabled)
6 # default policy for host rules
16 IN ACCEPT - - tcp 22 -
17 OUT ACCEPT - - tcp 80 -
18 OUT ACCEPT - - icmp - -
23 IN ACCEPT 10.0.0.1-10.0.0.10
24 IN ACCEPT 10.0.0.1,10.0.0.2,10.0.0.3
30 192.168.0.1 #mycomment
33 ! 10.0.0.0/8 #nomatch - needs kernel 3.7 or newer