pass-all-and-log.isba

     File: /home/pierre/isba/dev/samples/pass-all-and-log.isba
     Date: Sun Nov 18 07:04:55 MET 2001
     User: pierre

Ipf rules

#	Action	Opts	Intf	From	To	Service	Misc	Group	Comment
	samples/pass-all-and-log.isba
	This ruleset lets all traffic pass through and logs everything but the services belonging to the service group 'dont-log'.
1	pass in	quick				dont-log			don't log X11, www, www-8080, ssh ...
2	pass in	quick					srcport dont-log		don't log X11, www, www-8080, ssh ...
3	pass in	log first quick				proto-tcp	flags S/SA keep state keep frags		TCP: log only 1st packet
4	pass in	log first quick				proto-udp proto-icmp	keep state		UDP, ICMP: log only 1st packet
5	pass in	log quick

6	pass out	quick				dont-log			don't log X11, www, www-8080, ssh ...
7	pass out	quick					srcport dont-log		don't log X11, www, www-8080, ssh ...
8	pass out	log first quick				proto-tcp	flags S/SA keep state keep frags		TCP: log only 1st packet
9	pass out	log first quick				proto-udp proto-icmp	keep state		UDP, ICMP: log only 1st packet
10	pass out	log quick

Nat rules

#	Action	Intf	Original From	Original To	Original Service	->	Translated Address	Translated Service	Range	Comment

Hosts/Nets

#	Name	Value	Comment	Included from

Services

#	Name	Proto	Value	Comment	Included from
1	X11	tcp	5999><6010
2	dont-log	tcp	X11 www www-8080 8081 22 1987 53	noisy services I don't want to log
3	proto-icmp	icmp		specifies proto icmp, no type
4	proto-tcp	tcp		specifies proto tcp, no port
5	proto-udp	udp		specifies proto udp, no port
6	www	tcp	80
7	www-8080	tcp	8080

Interfaces

#	Name	Value	Comment	Included from

Ruleset Properties

Version

Ruleset
targets

	Target hostname or IP address	SSH user on target	use sudo	ipfilter conf dir.	ipf rules filename	nat rules filename
1

Setup
infos
-
Ruleset
comments
-
List
of
changes
-
...