diff options
Diffstat (limited to 'templates/02_workstation_template.tkmfrs')
-rw-r--r-- | templates/02_workstation_template.tkmfrs | 401 |
1 files changed, 401 insertions, 0 deletions
diff --git a/templates/02_workstation_template.tkmfrs b/templates/02_workstation_template.tkmfrs new file mode 100644 index 0000000..e629dca --- /dev/null +++ b/templates/02_workstation_template.tkmfrs @@ -0,0 +1,401 @@ +<!DOCTYPE kmyfirewall-ruleset> +<kmfnet maxVersion="~" minVersion="1.1.0" version="1.1.0" interface="iptables" uuid="{41b36b2b-68e2-4545-b34d-3cf3609c204f}" > +<netzone guiName="Gloabl Network" readonly="bool:on" uuid="{3349418e-3923-4f3c-933c-b1bd91a2c84a}" name="mynetwork" description="This is the global zone that contains all valid IP addresses." > + <fromIP address="0.0.0.0" /> + <netMask address="0" /> +<target sshPort="22" address="127.0.0.1" guiName="My Local Computer" readonly="bool:on" uuid="{42bc1c1f-996f-4f60-a6e3-3e43cd6f0167}" name="localhost" description="Local copmuter running KMyFirewall" > +<targetconfig uuid="{c3d33a7a-5ba9-45cc-8f34-1617b773e08f}" name="Untitled" description="No Description Available" > + <os name="linux" /> + <backend name="iptables" /> + <distribution name="" /> + <initPath name="" /> + <IPTPath name="" /> + <modprobePath name="" /> + <rcDefaultPath name="" /> +</targetconfig> + <kmfrs maxVersion="~" minVersion="1.0.0" version="1.1.0" uuid="{8af7181a-bf52-47e3-a00e-2204f8cff57c}" > + <abstract use_nat="no" use_filter="yes" use_syn_cookies="yes" use_ipfwd="yes" use_martians="yes" use_modules="yes" use_rp_filter="yes" name="Workstation Template" use_mangle="no" description="This is a template configuration for a typical workstation that does not do any routing. +Use this as a startingpoint for your firewall setup." /> +<table uuid="{24e22827-5d99-49a3-8767-b9cf25371f7c}" name="filter" description="This table is the main table for filtering +packets. Here you may define your +access control rules" > +<chain default_target="DROP" builtin="yes" uuid="{414166ad-b58e-41e8-8a8f-a9962e769bd1}" name="INPUT" description="In this chain you can filter packets that +are addressed directly to this computer." > +<rule num="0" logging="no" target="ICMP_FILTER" custom_rule="no" uuid="{ac00d50c-60b1-4596-9fe6-be5843be3cf4}" name="FWD_ICMP_FILTER" enabled="yes" description="Forward to the chain that handles ICPM packets +to avoid crap like source-quench etc." /> +<rule num="1" logging="no" target="ANTISPOOF" custom_rule="no" uuid="{214725fa-4179-46e4-800d-5914741921e9}" name="FWD_ANTISPOOF" enabled="yes" description="Forward packets to the ANTISPOOF chain +which performes some sainity checks for +the packets to avoid spoofing." /> +<rule num="2" logging="no" target="TCP_CHECKS" custom_rule="no" uuid="{af2b8ac5-3f43-4679-b189-9f031921b7a7}" name="FWD_TCP_CHECKS" enabled="yes" description="Forward to chian TCP_CHECKS which +filters invalid TCP flag combinations." > +<ruleoption targetoption="no" type="tcp_opt" uuid="{b5626a02-1808-444a-9e61-e6484318cb8c}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="3" logging="no" target="SERVICES" custom_rule="no" uuid="{f334a3b2-7f69-48d6-8594-54e2a5c4ef60}" name="FWD_SERVICES" enabled="yes" description="This rule forwards all packetst to the SERVICES chain. +This chain is ment to be used for rules that allow +access to this host e.g. http if you are running a web +server." /> +<rule num="4" logging="no" target="ACCEPT" custom_rule="no" uuid="{bece6068-58e4-4cef-83b4-9513d574d471}" name="CONNTRACK" enabled="yes" description="This rule handles the connecktion tracking. +It simply lets everything in that is a response +to a network request you made." > +<ruleoption targetoption="no" type="state_opt" uuid="{0210e1d2-769e-4495-8089-781d20ca2c3a}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="RELATED,ESTABLISHED" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="5" logging="no" target="ACCEPT" custom_rule="no" uuid="{4dc5f9cf-d19b-4030-998d-166ada82d814}" name="LOOPBACK" enabled="yes" description="Allow packets send from the loopback interface" > +<ruleoption targetoption="no" type="interface_opt" uuid="{d53aa556-afd8-4906-867a-943747470965}" > + <ruleoptionvalue value0="lo" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="6" logging="no" target="VPNs" custom_rule="no" uuid="{8508ed2b-7afd-426c-b959-c61583f5ee6c}" name="FWD_VPN" enabled="yes" description="Forward rule for packets coming from a VPN network 192.168.2.0/24" > +<ruleoption targetoption="no" type="ip_opt" uuid="{40e4dd9e-cf4e-444a-8b26-1b4fd8f137a8}" > + <ruleoptionvalue value0="192.168.2.1/24" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +</chain> +<chain default_target="ACCEPT" builtin="yes" uuid="{e97ee9d7-871f-49f0-b2a0-1912292a2071}" name="OUTPUT" description="In this chain you can decide which +packets are allowed to be sent away +from this computer." /> +<chain default_target="DROP" builtin="yes" uuid="{f437654c-62e4-4fee-b129-99ee59755394}" name="FORWARD" description="In this chain you can filter the packets +that are routed to other hosts by this +computer." /> +<chain builtin="no" uuid="{a0f476e7-9540-4260-9f61-de89d033fd3e}" name="ANTISPOOF" description="Packet spoof protection is done in +this chain." > +<rule num="0" logging="no" target="DROP" custom_rule="no" uuid="{b1e735e2-1b31-4b74-9c14-8613abf8b29c}" name="loopback_spoof" enabled="yes" description="Check if packets are really from the loaclhost." > +<ruleoption targetoption="no" type="interface_opt" uuid="{774afbfa-c082-4084-878f-69bd9d193104}" > + <ruleoptionvalue value0="! lo" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +<ruleoption targetoption="no" type="ip_opt" uuid="{0ff372ce-3e46-499c-9512-0dae87cb2df8}" > + <ruleoptionvalue value0="127.0.0.0/8" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +</chain> +<chain builtin="no" uuid="{49b1df3f-fb0e-4745-9547-612e350101af}" name="SERVICES" description="This rule allows other computer to connect to us on udp port 53" > +<rule num="0" logging="no" target="ACCEPT" custom_rule="no" uuid="{b5812bdf-cb51-456d-882a-bf7d82f8e13b}" name="Exapmle_DNS" enabled="no" description="This rule allows other computer to connect to us on udp port 53" > +<ruleoption targetoption="no" type="udp_opt" uuid="{a4b99995-a68d-4163-a931-c8904a138140}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="1024:65535" /> + <ruleoptionvalue value2="53" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="1" logging="no" target="ACCEPT" custom_rule="no" uuid="{11af5582-60d6-43d5-81b5-18bba8edb31f}" name="Example_SSH" enabled="yes" description="Example rule that allows other to connect +to your couputer using ssh e.g. tcp port 22" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{22b2c038-2be6-4997-9430-2340f29ba766}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="1024:65535" /> + <ruleoptionvalue value2="22" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +</chain> +<chain builtin="no" uuid="{28e8c0e7-84b9-431b-a636-c18777af661b}" name="ICMP_FILTER" description="Here some ICMP packet types are +filtered to avoid denial of service attacks." > +<rule num="0" logging="no" target="ACCEPT" custom_rule="no" uuid="{5740f895-e5b8-4b6c-ae75-a07df328b8a0}" name="ping" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="icmp_opt" uuid="{9cf0dfd0-9523-49a0-b7dc-f78b9c759dc2}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="echo-request" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="1" logging="no" target="ACCEPT" custom_rule="no" uuid="{f753a6a0-b7c3-47cd-b08a-ebac149220a8}" name="ping_reply" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="icmp_opt" uuid="{3a184346-683e-4535-99d2-ffe14f034984}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="echo-reply" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="2" logging="no" target="ACCEPT" custom_rule="no" uuid="{9aee9939-1a7b-4f71-a500-635f2ce6793d}" name="host_unreachable" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="icmp_opt" uuid="{fdb12c22-e453-4fbb-aafb-c3cc32c919e2}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="host-unreachable" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="3" logging="no" target="ACCEPT" custom_rule="no" uuid="{fda4fddc-efe8-4bd1-89a0-1e7e2080348d}" name="network_unreachable" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="icmp_opt" uuid="{6768d063-835c-40a2-992d-46d87f7b906a}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="network-unreachable" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +</chain> +<chain builtin="no" uuid="{a47513dd-a3be-486d-a918-dc0dc01e6bcd}" name="TCP_CHECKS" description="No Description Available" > +<rule num="0" logging="no" target="DROP" custom_rule="no" uuid="{53f9ce17-a8c8-4dc4-acb9-ea24977883e7}" name="tcp_flags1" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{381457e1-6e7c-422b-b73f-c879865e8bb2}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="ALL NONE" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="1" logging="no" target="DROP" custom_rule="no" uuid="{b5a11f5c-d6cf-400b-bc98-ef42bc7656d9}" name="tcp_flags2" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{4bb35820-e3ac-44be-a9fb-cfc7f1d41e22}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="FIN,ACK FIN" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="2" logging="no" target="DROP" custom_rule="no" uuid="{5751a6c7-5c75-4b20-8747-b10da300f38f}" name="tcp_flags3" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{76df0129-2788-4c66-8124-c96801337df3}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="ACK,PSH PSH" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="3" logging="no" target="DROP" custom_rule="no" uuid="{3f49954b-6a2a-4298-81c6-c54cd2c5c17d}" name="tcp_flags4" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{f51ebe7f-aa2b-452a-9350-66192ba7d322}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="ACK,URG URG" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="4" logging="no" target="DROP" custom_rule="no" uuid="{5e530522-9b04-49aa-8a0c-22d77a143393}" name="tcp_flags5" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{b7dc141d-d632-4ace-8fa5-689a8cfbe640}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="SYN,FIN SYN,FIN" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="5" logging="no" target="DROP" custom_rule="no" uuid="{c44e8a32-aa43-4320-afeb-81b7847cfdf9}" name="tcp_flags6" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{0e05588d-c058-4353-8274-33ad8b79aea9}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="SYN,RST SYN,RST" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="6" logging="no" target="DROP" custom_rule="no" uuid="{d99c29f2-8d22-4c87-96bd-8fae4f003fbf}" name="tcp_flags7" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{9734225e-7963-42a3-bf61-1a3c42c91331}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="FIN,RST FIN,RST" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +<rule num="7" logging="no" target="DROP" custom_rule="no" uuid="{0943595a-d650-4af0-bf95-0a133e75a72a}" name="tcp_nmapXmas" enabled="yes" description="Avoid nmap-xmas scanns" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{2858dee2-65e8-4097-aa5c-e0f3346ee9b4}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="ALL FIN,PSH,URG" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +</chain> +<chain builtin="no" uuid="{ba89f1bd-f323-41a4-9b05-96e13146a465}" name="LOCAL_LANS" description="No Description Available" > +<rule num="0" logging="no" target="ACCEPT" custom_rule="no" uuid="{776e59c2-1940-48e0-8eb2-9f91a84435c6}" name="MyNET" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="ip_opt" uuid="{570f7dab-5384-4e2f-a530-b33375cead6e}" > + <ruleoptionvalue value0="192.168.0.0/24" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +</chain> +<chain builtin="no" uuid="{7152a99c-bf57-44a2-8438-12d69769fecb}" name="VPNs" description="No Description Available" > +<rule num="0" logging="no" target="ACCEPT" custom_rule="no" uuid="{bab58f0c-73d0-421d-a1cd-74a9350019f0}" name="TCP_SERVICES" enabled="yes" description="No Description Available" > +<ruleoption targetoption="no" type="tcp_opt" uuid="{cc3f37ae-30d0-4ecf-ac5f-1c5faf55b60d}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="bool:off" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +<ruleoption targetoption="no" type="state_opt" uuid="{3cb856be-021b-4185-9b69-48d238d7c9c0}" > + <ruleoptionvalue value0="bool:on" /> + <ruleoptionvalue value1="NEW" /> + <ruleoptionvalue value2="bool:off" /> + <ruleoptionvalue value3="bool:off" /> + <ruleoptionvalue value4="bool:off" /> + <ruleoptionvalue value5="bool:off" /> + <ruleoptionvalue value6="bool:off" /> + <ruleoptionvalue value7="bool:off" /> + <ruleoptionvalue value8="bool:off" /> + <ruleoptionvalue value9="bool:off" /> +</ruleoption> +</rule> +</chain> +</table> +<table uuid="{855aa6cf-d15d-4744-aede-5b93d07b128b}" name="nat" description="This table is made for every kind of +NAT (Network Address Translation)." > +<chain default_target="ACCEPT" builtin="yes" uuid="{3410f0f7-e203-4569-a857-dcf922125fa0}" name="OUTPUT" description="In this chain you can decide which +packets are allowed to be sent away +from this computer." /> +<chain default_target="ACCEPT" builtin="yes" uuid="{e44c3748-6c56-4c17-be91-76dd12597593}" name="PREROUTING" description="..." /> +<chain default_target="ACCEPT" builtin="yes" uuid="{1092717a-a346-4c75-9a16-a2ec8d749634}" name="POSTROUTING" description="..." /> +</table> +<table uuid="{a4ef60e2-55fe-4c2c-bff8-3dacfa47caa4}" name="mangle" description="This table is made for altering packets." > +<chain default_target="ACCEPT" builtin="yes" uuid="{a990c3d6-75e1-49e9-922f-d31ea7d59ccd}" name="INPUT" description="In this chain you can filter packets that +are addressed directly to this compter." /> +<chain default_target="ACCEPT" builtin="yes" uuid="{65910037-d1ab-4dfc-a5af-c46a32b20e99}" name="OUTPUT" description="In this chain you can decide which +packets are allowed to be sent away +from this computer." /> +<chain default_target="ACCEPT" builtin="yes" uuid="{c5f40a03-9239-430c-aa1d-18a7a747f621}" name="FORWARD" description="In this chain you can filter the packets +that are routed to other hosts by this +computer." /> +<chain default_target="ACCEPT" builtin="yes" uuid="{34509ced-a1d0-43ca-8bf3-e513cdde985b}" name="PREROUTING" description="..." /> +<chain default_target="ACCEPT" builtin="yes" uuid="{1ee9514d-ed88-4607-a22f-6eb4780ca1d7}" name="POSTROUTING" description="..." /> +</table> + </kmfrs> +</target> +</netzone> +</kmfnet> + |