1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
*filter
# Speedway INPUT Policy
# this is a sample output filter that generates
# multiplatform for tug wlc protection
#
# $Id: ./filters/sample_tug_wlc_fw.ipt $
# $Date: 2015/03/26 $
# inet
:INPUT DROP
-N I_permit-icmp
-A I_permit-icmp -p icmp -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j I_permit-icmp
-N I_permit-traceroute
-A I_permit-traceroute -p udp --dport 33434:33534 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j I_permit-traceroute
-N I_permit-NORDUnet
-A I_permit-NORDUnet -p all -s 109.105.96.0/19 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A I_permit-NORDUnet -p all -s 130.242.82.30/32 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A I_permit-NORDUnet -p all -s 130.242.121.137/32 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A I_permit-NORDUnet -p all -s 193.10.252.0/24 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A I_permit-NORDUnet -p all -s 193.10.254.0/24 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A I_permit-NORDUnet -p all -s 193.11.3.0/24 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A I_permit-NORDUnet -p all -s 194.68.13.0/24 -d 109.105.104.16/28 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j I_permit-NORDUnet
-N I_default-deny
-A I_default-deny -p all -j DROP
-A INPUT -j I_default-deny
COMMIT
|
