pass-all-and-log.isba

     File: /home/pierre/isba/dev/samples/pass-all-and-log.isba
     Date: Sun Nov 18 07:04:55 MET 2001
     User: pierre


Ipf rules

  #   Action Opts Intf From To Service Misc Group Comment
 samples/pass-all-and-log.isba
  This ruleset lets all traffic pass through and logs everything but the services belonging to the service group 'dont-log'.
1pass inquick   dont-log  
don't log X11, www, www-8080, ssh ...
2pass inquick    srcport dont-log 
don't log X11, www, www-8080, ssh ...
3pass inlog first
quick
   proto-tcpflags S/SA
keep state
keep frags
 
TCP: log only 1st packet
4pass inlog first
quick
   proto-udp
proto-icmp
keep state 
UDP, ICMP: log only 1st packet
5pass inlog
quick
      
 
  
6pass outquick   dont-log  
don't log X11, www, www-8080, ssh ...
7pass outquick    srcport dont-log 
don't log X11, www, www-8080, ssh ...
8pass outlog first
quick
   proto-tcpflags S/SA
keep state
keep frags
 
TCP: log only 1st packet
9pass outlog first
quick
   proto-udp
proto-icmp
keep state 
UDP, ICMP: log only 1st packet
10pass outlog
quick
      
 



Nat rules

  #   Action Intf Original
From
Original
To
Original
Service
 ->  Translated
Address
Translated
Service
Range Comment



Hosts/Nets

  #  NameValueCommentIncluded from


Services

  #  NameProtoValueCommentIncluded from
1X11tcp5999><6010  
2dont-logtcpX11
www
www-8080
8081
22
1987
53
noisy services I don't want to log 
3proto-icmpicmp specifies proto icmp, no type 
4proto-tcptcp specifies proto tcp, no port 
5proto-udpudp specifies proto udp, no port 
6wwwtcp80  
7www-8080tcp8080  


Interfaces

  #  NameValueCommentIncluded from


Ruleset Properties

Version 
Ruleset
targets
  Target hostname
or IP address
SSH user
on target
use
sudo
ipfilter
conf dir.
ipf rules
filename
nat rules
filename
1            
Setup
infos
-
Ruleset
comments
-
List
of
changes
-
...