GIT.Harvie.CZ / mirrors / Programs.git / blame
| Commit | Line | Data |
|---|---|---|
| 79a323cb H |
1 | <?php |
| 2 | #HFW (Harvie's Firewall) Configuration File | |
| 3 | ||
| 4 | #Rules info | |
| 5 | $author = "Harvie 2oo7"; | |
| 6 | $description = "Sample HFW Configuration File (THX2 http://www.brandonhutchinson.com/iptables_fw.html)"; | |
| 7 | #You can modify this file to make your own firewall | |
| 8 | ||
| 9 | #Rules flush | |
| 10 | #Flush old rules | |
| 11 | $flush_rules = true; | |
| 12 | ||
| 13 | #Rules misc | |
| 14 | #Drop ICMP echo-request messages sent to broadcast or multicast addresses | |
| 15 | $icmp_echo_ignore_broadcasts = true; | |
| 16 | #Accept source routed packets | |
| 17 | $accept_source_route = false; | |
| 18 | #Enable TCP SYN cookie protection from SYN floods | |
| 19 | $tcp_syncookies = true; | |
| 20 | #Accept ICMP redirect messages | |
| 21 | $accept_redirects = false; | |
| 22 | #Send ICMP redirect messages | |
| 23 | $send_redirects = false; | |
| 24 | #Enable source address spoofing protection | |
| 25 | $rp_filter = true; | |
| 26 | #Log packets with impossible source addresses | |
| 27 | $log_martians = true; | |
| 28 | ||
| 29 | #Rules loopback | |
| 30 | #Allow unlimited traffic on the loopback interface | |
| 31 | $loopback_allow_all = true; | |
| 32 | ||
| 33 | #Rules default policies | |
| 34 | $default_policies = array( | |
| 35 | "INPUT DROP", | |
| 36 | "OUTPUT DROP", | |
| 37 | "FORWARD DROP" | |
| 38 | ); | |
| 39 | ||
| 40 | #Rules outbound traffic | |
| 41 | $allow_outbound_traffic = true; | |
| 42 | ||
| 43 | #Rules ports | |
| 44 | #Open ports | |
| 45 | $open_ports = array(20, 21, 22, 80, 8080, 111, 113, 139, 445, 548, 901, 1023, 2049, 5500, 5900, 5901); | |
| 46 | #Drop all other traffic | |
| 47 | $drop_other = true; |