# Example VM firewall configuration # VM specific firewall options [OPTIONS] # disable/enable the whole thing enable: 1 # disable/enable MAC address filter macfilter: 0 # default policy policy_in: DROP policy_out: REJECT # log dropped incoming connection log_level_in: info # disable log for outgoing connections log_level_out: nolog # filter SMURFS nosmurfs: 1 # filter illegal combinations of TCP flags tcpflags: 1 # enable DHCP dhcp: 1 [RULES] #TYPE ACTION IFACE SOURCE DEST PROTO D-PORT S-PORT IN SSH(ACCEPT) net0 IN SSH(ACCEPT) net0 # a comment IN SSH(ACCEPT) net0 192.168.2.192 # only allow SSH from 192.168.2.192 |IN SSH(ACCEPT) net0 # disabled rule # add a security group GROUP group1 net0 OUT DNS(ACCEPT) net0 OUT Ping(ACCEPT) net0 OUT SSH(ACCEPT)