firewall-config.pol

# Block PPTP that will prohibit all systems from accessing a
# PPTP server running on server2 (TCP Port 1723)
1, -, -, -, 10.0.0.6, -, 1723, T

# Prohibit all computers/devices from connecting to a SSH
# server on the east hosts (e1-e3). (TCP and UDP Port 22)
2, -, -, -, 10.0.0.1, -, 22, B
3, -, -, -, 10.0.0.2, -, 22, B
4, -, -, -, 10.0.0.3, -, 22, B

# Protect DNS and NTP services on server1 and server2 from
# all hosts. DNS and NTP servers on server3 should remain
# accessible. (UDP Ports 123 and 53, respectively)
5, -, -, -, 10.0.0.5, -, 123, U
6, -, -, -, 10.0.0.5, -, 53, U
7, -, -, -, 10.0.0.6, -, 123, U
8, -, -, -, 10.0.0.6, -, 53, U

# Disallow hosts w1 and w2 from pinging mobile1. This rule
# will be satisfied if the full ICMP response is not completed.
9, -, -, 10.0.0.8, 10.0.0.4, -, -, I
10, -, -, 10.0.0.9, 10.0.0.4, -, -, I

# Disallow all traffic destined to TCP ports 9950-9952 on
# host e3 from host e1
11, -, -, 10.0.0.1, 10.0.0.3, -, 9950, T
12, -, -, 10.0.0.1, 10.0.0.3, -, 9951, T
13, -, -, 10.0.0.1, 10.0.0.3, -, 9952, T

# Restrict host mobile1 from communicating to any of the east
# hosts (e1-e3) on both TCP and UDP protocols
14, -, -, 10.0.0.4, 10.0.0.1, -, -, B
15, -, -, 10.0.0.4, 10.0.0.2, -, -, B
16, -, -, 10.0.0.4, 10.0.0.3, -, -, B