1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
#! /bin/sh
cat > /etc/apf-firewall/vnet/$addr.rules <<EOF
eout "{glob} loading $addr.rules"
# $addr.rules
VNET="$addr"
#
# Policy configurable options
# add custom modifications here
#
# You can either defined CPORT vars such as:
# IG_TCP_CPORTS="21,22,25,53,80,443,110,143,6000_7000"
# IG_UDP_CPORTS="53"
# IG_ICMP_TYPES="3,5,11,0,30,8"
# EG_TCP_CPORTS="21,25,80,443,43"
# EG_UDP_CPORTS="20,21,53"
# EG_ICMP_TYPES="all"
# EG_TCP_UID="0:22"
# EG_UDP_UID="0:53"
#
# Or you can defined standard iptable rules such as:
# \$IPT -A INPUT -p tcp -s 1.0.1.0.1 -d \$VNET --dport 10024 -j ACCEPT
#
# conf.apf configurable common ports
. $INSTALL_PATH/internals/cports.common
EOF
|
