63 lines
1.1 KiB
Plaintext
63 lines
1.1 KiB
Plaintext
# Fichier de configuration
|
|
# pour minifirewall
|
|
|
|
# version 0.1 - 12 juillet 2007 $Id: firewall.rc,v 1.2 2007/07/12 19:08:59 reg Exp $
|
|
|
|
# Interface concernee
|
|
INT='eth0'
|
|
|
|
# IP associee
|
|
INTIP='192.168.0.2'
|
|
INTLAN='192.168.0.0/24'
|
|
|
|
# trusted ip addresses
|
|
TRUSTEDIPS='62.212.121.90 62.212.111.216'
|
|
|
|
# privilegied ip addresses
|
|
# (trusted ip addresses *are* privilegied)
|
|
PRIVILEGIEDIPS=''
|
|
|
|
# Services "publics"
|
|
SERVICESTCP1='21 25 53 993 995'
|
|
SERVICESUDP1='53'
|
|
|
|
# Services "semi-publics"
|
|
SERVICESTCP2='22 25 53 80 110 143 443'
|
|
SERVICESUDP2=''
|
|
|
|
# Services "prives"
|
|
SERVICESTCP3='636 5666'
|
|
SERVICESUDP3=''
|
|
|
|
################### SORTANTS
|
|
|
|
# DNS
|
|
DNSSERVEURS='85.31.205.33 78.153.240.29'
|
|
|
|
# HTTP : security.d.o x3, zidane, modsecurity www.debian.org
|
|
# /!\ Possibilite d'utiliser des noms de domaines
|
|
# mais il est conseiller de placer un rechargement
|
|
# du minifirewall en crontab
|
|
HTTPSITES='security.debian.org 85.31.205.33 80.25.139.226 www.debian.org'
|
|
|
|
# HTTPS
|
|
HTTPSSITES=''
|
|
|
|
# FTP
|
|
FTPSITES=''
|
|
|
|
# SSH
|
|
SSHOK='0.0.0.0/0'
|
|
|
|
# SMTP
|
|
SMTPOK='0.0.0.0/0'
|
|
|
|
# NTP
|
|
NTPOK='78.153.240.29'
|
|
|
|
|
|
################### Specific rules
|
|
# /sbin/iptables ....
|
|
# /sbin/iptables ....
|
|
# /sbin/iptables ....
|