| | 1 | <?php |
| | 2 | #HFW (Harvie's Firewall) Configuration File |
| | 3 | |
| | 4 | #Rules info |
| | 5 | $author = "Harvie 2oo7"; |
| | 6 | $description = "Sample HFW Configuration File (THX2 http://www.brandonhutchinson.com/iptables_fw.html)"; |
| | 7 | #You can modify this file to make your own firewall |
| | 8 | |
| | 9 | #Rules flush |
| | 10 | #Flush old rules |
| | 11 | $flush_rules = true; |
| | 12 | |
| | 13 | #Rules misc |
| | 14 | #Drop ICMP echo-request messages sent to broadcast or multicast addresses |
| | 15 | $icmp_echo_ignore_broadcasts = true; |
| | 16 | #Accept source routed packets |
| | 17 | $accept_source_route = false; |
| | 18 | #Enable TCP SYN cookie protection from SYN floods |
| | 19 | $tcp_syncookies = true; |
| | 20 | #Accept ICMP redirect messages |
| | 21 | $accept_redirects = false; |
| | 22 | #Send ICMP redirect messages |
| | 23 | $send_redirects = false; |
| | 24 | #Enable source address spoofing protection |
| | 25 | $rp_filter = true; |
| | 26 | #Log packets with impossible source addresses |
| | 27 | $log_martians = true; |
| | 28 | |
| | 29 | #Rules loopback |
| | 30 | #Allow unlimited traffic on the loopback interface |
| | 31 | $loopback_allow_all = true; |
| | 32 | |
| | 33 | #Rules default policies |
| | 34 | $default_policies = array( |
| | 35 | "INPUT DROP", |
| | 36 | "OUTPUT DROP", |
| | 37 | "FORWARD DROP" |
| | 38 | ); |
| | 39 | |
| | 40 | #Rules outbound traffic |
| | 41 | $allow_outbound_traffic = true; |
| | 42 | |
| | 43 | #Rules ports |
| | 44 | #Open ports |
| | 45 | $open_ports = array(20, 21, 22, 80, 8080, 111, 113, 139, 445, 548, 901, 1023, 2049, 5500, 5900, 5901); |
| | 46 | #Drop all other traffic |
| | 47 | $drop_other = true; |
GIT.Harvie.CZ / mirrors / Programs.git / blame_incremental