| Interface: ET1 used as: DMZ |
|---|
| |
| Incoming super |
| saddr == 192.168.20.1/255.255.255.0 accept |
| saddr == 0 && proto == udp && dport == 67 accept |
| |
| Incoming user |
| dport == 5060 && daddr != 192.168.20.1 && (proto == tcp || proto == udp) modify static daddr 127.0.0.1 |
| proto == udp && dport == 67 accept |
| daddr == my.ip.address.here || daddr == 192.168.20.1
|| daddr == 192.168.0.1/255.255.255.0 || daddr == 192.168.10.1/255.255.255.0
deny |
| (dport == 21) && proto == tcp modify static daddr 192.168.20.1, static dport 8021 |
| proto != 0 accept |
| |
| Outgoing super |
| proto != 0 accept |
| |
| Outgoing user |
| saddr == 192.168.0.1/255.255.255.0 || saddr == 192.168.10.1/255.255.255.0 inspect |
| dport == 21 && daddr == 192.168.20.31 && proto == tcp inspect |
| proto != 0 accept |
| |
| Interface:
LINE used as: outside |
| |
| Incoming super |
| saddr == 192.168.20.1/255.255.255.0 || saddr == 192.168.0.1/255.255.255.0
|| saddr == 192.168.10.1/255.255.255.0 deny |
| daddr == my.ip.address.here accept |
| |
| Incoming user |
| sport == 53 && proto == udp && (saddr == 194.72.6.57
|| saddr == 194.73.82.242) accept |
| dport == 5060 && (proto == udp || proto == tcp) accept |
| dport == 21 && proto == tcp modify static dport 8021 |
| (dport == 80 ) && proto == tcp modify static daddr 192.168.20.31 |
| proto == icmp && icmptype == 8 && icmpcode == 0 modify
static daddr 192.168.20.31 |
| |
| Outgoing super |
| saddr == my.ip.address.here accept |
| |
| Outgoing user |
| saddr != my.ip.address.here modify dynamic source 0 |
| (dport == 21) && proto == tcp inspect |
| saddr == my.ip.address.here accept |
| |
