Skip to content

Instantly share code, notes, and snippets.

@AysadKozanoglu
Created April 10, 2016 22:39
Show Gist options
  • Save AysadKozanoglu/46a176099294c507fe6b2add014bd2cb to your computer and use it in GitHub Desktop.
Save AysadKozanoglu/46a176099294c507fe6b2add014bd2cb to your computer and use it in GitHub Desktop.
FireHOL example firehol.conf high secure burst connection limition
#
# $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $
#
# This configuration file will allow all requests originating from the
# local machine to be send through all network interfaces.
#
# No requests are allowed to come from the network. The host will be
# completely stealthed! It will not respond to anything, and it will
# not be pingable, although it will be able to originate anything
# (even pings to other hosts).
#
version 5
# Accept all client traffic on any interface
#interface any world
# client all accept
blacklist all `cat /etc/firehol/blacklist`
#blacklist all "176.0.0.0/8 188.0.0.0/8"
interface "eth0" Internet
protection strong
server "customssh" accept
server "nodeserver" accept
# server "mongoweb" accept
server "http" accept
server https accept
server "ftp" accept
server "ping" accept
server custom ftprange "tcp/10000:10100" default accept
server custom ntop "tcp/3000:3000" default accept
client all accept
FIREHOL_DROP_INVALID="1"
FIREHOL_TRUST_LOOPBACK="1"
FIREHOL_DROP_ORPHAN_TCP_ACK_FIN="1"
FIREHOL_LOG_PREFIX="firehol: "
#FIREHOL_LOG_MODE="ULOG"
#FIREHOL_LOG_LEVEL="--log-level info"
FIREHOL_LOG_FREQUENCY="1/second"
#FIREHOL_LOG_FREQUENCY="30/minute"
FIREHOL_LOG_BURST="5"
#FIREHOL_LOG_BURST="2"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment