Created
April 10, 2016 22:39
-
-
Save AysadKozanoglu/46a176099294c507fe6b2add014bd2cb to your computer and use it in GitHub Desktop.
FireHOL example firehol.conf high secure burst connection limition
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $ | |
| # | |
| # This configuration file will allow all requests originating from the | |
| # local machine to be send through all network interfaces. | |
| # | |
| # No requests are allowed to come from the network. The host will be | |
| # completely stealthed! It will not respond to anything, and it will | |
| # not be pingable, although it will be able to originate anything | |
| # (even pings to other hosts). | |
| # | |
| version 5 | |
| # Accept all client traffic on any interface | |
| #interface any world | |
| # client all accept | |
| blacklist all `cat /etc/firehol/blacklist` | |
| #blacklist all "176.0.0.0/8 188.0.0.0/8" | |
| interface "eth0" Internet | |
| protection strong | |
| server "customssh" accept | |
| server "nodeserver" accept | |
| # server "mongoweb" accept | |
| server "http" accept | |
| server https accept | |
| server "ftp" accept | |
| server "ping" accept | |
| server custom ftprange "tcp/10000:10100" default accept | |
| server custom ntop "tcp/3000:3000" default accept | |
| client all accept | |
| FIREHOL_DROP_INVALID="1" | |
| FIREHOL_TRUST_LOOPBACK="1" | |
| FIREHOL_DROP_ORPHAN_TCP_ACK_FIN="1" | |
| FIREHOL_LOG_PREFIX="firehol: " | |
| #FIREHOL_LOG_MODE="ULOG" | |
| #FIREHOL_LOG_LEVEL="--log-level info" | |
| FIREHOL_LOG_FREQUENCY="1/second" | |
| #FIREHOL_LOG_FREQUENCY="30/minute" | |
| FIREHOL_LOG_BURST="5" | |
| #FIREHOL_LOG_BURST="2" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment