Part of Slepp's ProjectsPastebinTURLImagebinFilebin
Feedback -- English French German Japanese
Create Upload Newest Tools Donate
Sign In | Create Account

Someone
Monday, December 12th, 2005 at 10:13:51pm UTC 

  1. m0n0wall: status
  2. Mon Dec 12 16:13:37 CST 2005
  3.  
  4. Note: make sure to remove any sensitive information (passwords, maybe also IP addresses) before posting information from this page in public places (like mailing lists)!
  5. Passwords in config.xml have been automatically removed.
  6.  
  7. This status page includes the following information:
  8.  
  9.     * System uptime
  10.     * Interfaces
  11.     * Routing tables
  12.     * ipfw show
  13.     * ipnat -lv
  14.     * ipfstat -v
  15.     * ipfstat -nio
  16.     * unparsed ipnat rules
  17.     * unparsed ipfilter rules
  18.     * unparsed ipfw rules
  19.     * resolv.conf
  20.     * Processes
  21.     * dhcpd.conf
  22.     * ez-ipupdate.cache
  23.     * df
  24.     * racoon.conf
  25.     * SPD
  26.     * SAD
  27.     * last 200 system log entries
  28.     * last 50 filter log entries
  29.     * ls /conf
  30.     * ls /var/run
  31.     * config.xml
  32.  
  33. System uptime
  34.  
  35.  4:13PM  up 33 days,  5:12, 0 users, load averages: 0.00, 0.00, 0.00
  36.  
  37. Interfaces
  38.  
  39. em0: flags=18843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,POLLING> mtu 1500
  40.         options=3<RXCSUM,TXCSUM>
  41.         inet 10.246.9.254 netmask 0xffffff00 broadcast 10.246.9.255
  42.         ether 00:e0:81:62:71:02
  43.         media: Ethernet 100baseTX <full-duplex>
  44.         status: active
  45. em1: flags=18843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,POLLING> mtu 1500
  46.         options=3<RXCSUM,TXCSUM>
  47.         inet 10.251.0.21 netmask 0xffffff00 broadcast 10.251.0.255
  48.         ether 00:e0:81:62:71:01
  49.         media: Ethernet 100baseTX <full-duplex>
  50.         status: active
  51. lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
  52.         inet 127.0.0.1 netmask 0xff000000
  53.  
  54. Routing tables
  55.  
  56. Routing tables
  57.  
  58. Internet:
  59. Destination        Gateway            Flags    Refs      Use  Netif Expire
  60. default            10.251.0.253       UGSc        4 267995809    em1
  61. 10.246.9/24        link#1             UC          8        0    em0
  62. 10.246.9.2         00:0e:7f:b4:06:57  UHLW        0      385    em0   1023
  63. 10.246.9.3         00:50:8b:dc:cf:c1  UHLW        1   762643    em0    832
  64. 10.246.9.10        00:13:21:07:d8:45  UHLW        0   409027    em0    527
  65. 10.246.9.11        00:13:21:0c:31:b9  UHLW        0   104875    em0   1042
  66. 10.246.9.12        00:13:21:0c:aa:dd  UHLW        0 14696108    em0    629
  67. 10.246.9.30        00:11:25:8d:38:b0  UHLW        0 25150710    em0   1193
  68. 10.246.9.31        00:11:25:8d:8d:bb  UHLW        0 79283840    em0    791
  69. 10.246.9.32        00:11:25:8d:8f:70  UHLW        0    46000    em0   1147
  70. 10.251/24          link#2             UC          1        0    em1
  71. 10.251.0.253       00:60:3e:48:84:48  UHLW        5        0    em1   1182
  72. 127.0.0.1          127.0.0.1          UH          0        0    lo0
  73.  
  74. ipfw show
  75.  
  76. ipfw: getsockopt(IP_FW_GET): Protocol not available
  77.  
  78. ipnat -lv
  79.  
  80. List of active MAP/Redirect filters:
  81.  
  82. List of active sessions:
  83.  
  84. List of active host mappings:
  85.  
  86. ipfstat -v
  87.  
  88. opts 0x40 name /dev/ipl
  89.  IPv6 packets:    in 0 out 0
  90.  input packets:  blocked 2282105 passed 493538184 nomatch 1 counted 0 short 0
  91. output packets:  blocked 89 passed 495687566 nomatch 0 counted 0 short 0
  92.  input packets logged:  blocked 2278532 passed 0
  93. output packets logged:  blocked 0 passed 0
  94.  packets logged:        input 0 output 0
  95.  log failures:    input 1941 output 0
  96. fragment state(in):     kept 0       lost 0 not fragmented 0
  97. fragment state(out):    kept 0      lost 0        not fragmented 0
  98. packet state(in):       kept 341668    lost 3572
  99. packet state(out):      kept 269      lost 89
  100. ICMP replies:   0  TCP RSTs sent:    0
  101. Invalid source(in):     0
  102. Result cache hits(in)1206800   (out):     0
  103. IN Pullups succeeded:   0  failed:   0
  104. OUT Pullups succeeded:  0 failed:  0
  105. Fastroute successes:    0   failures:  0
  106. TCP cksum fails(in):    0   (out):     0
  107. Packet log flags set: (0)
  108.         none
  109.  
  110. ipfstat -nio
  111.  
  112. @1 pass out quick on lo0 from any to any
  113. @2 pass out quick on em0 proto udp from 10.246.9.254/32 port = 67 to any port = 68
  114. @3 pass out quick on em1 proto udp from any port = 68 to any port = 67
  115. @4 pass out quick on em0 from any to any keep state
  116. @5 pass out quick on em1 from any to any keep state
  117. @6 block out log quick from any to any
  118. @1 pass in quick on lo0 from any to any
  119. @2 block in log quick from any to any with short
  120. @3 block in log quick from any to any with ipopt
  121. @4 pass in quick on em0 proto udp from any port = 68 to 255.255.255.255/32 port = 67
  122. @5 pass in quick on em0 proto udp from any port = 68 to 10.246.9.254/32 port = 67
  123. @6 block in log quick on em1 from 10.246.9.0/24 to any
  124. @7 block in log quick on em1 proto udp from any port = 67 to 10.246.9.0/24 port = 68
  125. @8 pass in quick on em1 proto udp from any port = 67 to any port = 68
  126. @9 block in log quick on em0 from !10.246.9.0/24 to any
  127. @10 skip 1 in proto tcp from any to any flags S/FSRA
  128. @11 block in log quick proto tcp from any to any
  129. @12 block in log quick on em0 from any to any head 100
  130. @1 pass in quick from 10.246.9.0/24 to 10.246.9.254/32 keep state group 100
  131. @2 pass in quick proto icmp from any to any keep state group 100
  132. @3 pass in quick proto tcp from 10.246.9.0/24 to 10.245.0.55/32 port = 3128 keep state group 100
  133. @4 pass in quick proto tcp from any to any port = 23 keep state group 100
  134. @5 pass in quick proto tcp from any to any port = 22 keep state group 100
  135. @6 pass in quick proto udp from any to any port = 123 keep state group 100
  136. @7 pass in quick proto udp from any to 192.168.7.36/32 port = 53 keep state group 100
  137. @8 pass in quick proto udp from any to 192.168.7.37/32 port = 53 keep state group 100
  138. @9 pass in quick proto tcp from 10.246.9.2/32 port = 20 to any keep state group 100
  139. @10 pass in quick proto tcp from 10.246.9.2/32 to 64.23.81.158/32 keep state group 100
  140. @11 pass in quick proto tcp from 10.246.9.2/32 to 199.72.30.59/32 keep state group 100
  141. @12 pass in quick proto tcp from 10.246.9.2/32 to 66.182.142.82/32 keep state group 100
  142. @13 pass in quick proto tcp from 10.246.9.2/32 to 207.157.43.66/32 keep state group 100
  143. @14 pass in quick proto tcp from 10.246.9.3/32 to 10.0.67.0/24 keep state group 100
  144. @15 pass in quick proto tcp from 10.246.9.3/32 to any port = 5500 keep state group 100
  145. @16 pass in quick proto tcp from 10.246.9.3/32 to any port = 18000 keep state group 100
  146. @17 pass in quick proto tcp from 10.246.9.3/32 to any port = 1723 keep state group 100
  147. @18 pass in quick proto tcp from 10.246.9.3/32 to 206.197.159.9/32 keep state group 100
  148. @19 pass in quick proto tcp from 10.246.9.3/32 to 10.0.67.223/32 keep state group 100
  149. @20 pass in quick proto icmp from 10.246.9.3/32 to 10.0.67.223/32 keep state group 100
  150. @21 pass in quick proto tcp from 10.246.9.12/32 to 10.248.0.20/32 port = 7100 keep state group 100
  151. @22 pass in quick proto tcp from 10.246.9.12/32 to 10.248.0.20/32 port = 7200 keep state group 100
  152. @23 pass in quick from any to 10.245.0.49/32 keep state group 100
  153. @24 pass in quick proto udp from any to 10.245.0.11/32 port = 137 keep state group 100
  154. @25 pass in quick proto tcp/udp from any to any port = 3389 keep state group 100
  155. @26 pass in quick proto tcp from any to any port = 5631 keep state group 100
  156. @27 pass in quick proto tcp from 10.246.9.0/24 to 192.168.7.139/32 port = 1500 keep state keep frags group 100
  157. @28 pass in quick proto tcp from 10.246.9.0/24 to 192.168.7.139/32 port 1579 >< 1582 keep state group 100
  158. @29 pass in quick proto tcp from 10.246.9.0/24 to 10.249.0.1/32 port = 1500 keep state keep frags group 100
  159. @30 pass in quick proto tcp from 10.246.9.0/24 to 10.249.0.1/32 port 1579 >< 1582 keep state group 100
  160. @31 pass in quick proto tcp/udp from 10.246.9.31/32 to 10.246.0.10/32 port 136 >< 140 keep state group 100
  161. @32 pass in quick proto tcp/udp from 10.246.9.32/32 to 10.246.0.10/32 port 136 >< 140 keep state group 100
  162. @33 pass in quick proto tcp/udp from 10.246.9.31/32 to 10.246.0.11/32 port 136 >< 140 keep state group 100
  163. @34 pass in quick proto tcp/udp from 10.246.9.32/32 to 10.246.0.11/32 port 136 >< 140 keep state group 100
  164. @35 pass in quick proto tcp/udp from 10.246.9.31/32 to 10.246.0.111/32 port 136 >< 140 keep state group 100
  165. @36 pass in quick proto tcp/udp from 10.246.9.32/32 to 10.246.0.111/32 port 136 >< 140 keep state group 100
  166. @37 pass in quick proto tcp/udp from 10.246.9.31/32 to 10.246.0.49/32 port = 2967 keep state group 100
  167. @38 pass in quick proto tcp/udp from 10.246.9.32/32 to 10.246.0.49/32 port = 2967 keep state group 100
  168. @39 pass in quick proto tcp/udp from 10.246.9.31/32 to 10.246.0.49/32 port = 38293 keep state group 100
  169. @40 pass in quick proto tcp/udp from 10.246.9.32/32 to 10.246.0.49/32 port = 38293 keep state group 100
  170. @41 pass in quick proto tcp from 10.246.9.31/32 to 10.245.1.1/32 keep state group 100
  171. @42 pass in quick proto tcp from 10.246.9.31/32 to 10.245.1.2/32 keep state group 100
  172. @43 pass in quick proto tcp from 10.246.9.31/32 to 10.245.1.3/32 keep state group 100
  173. @44 pass in quick proto tcp from 10.246.9.31/32 to 10.0.119.33/32 keep state group 100
  174. @45 pass in quick proto tcp from 10.246.9.31/32 to 10.0.118.56/32 keep state group 100
  175. @46 pass in quick proto tcp from 10.246.9.30/32 to 10.240.0.5/32 port = 25 keep state group 100
  176. @47 block in log first quick from any to any group 100
  177. @13 block in log quick on em1 from any to any head 200
  178. @1 pass in quick proto icmp from any to any keep state group 200
  179. @2 pass in quick proto tcp from any to any port = 23 keep state group 200
  180. @3 pass in quick proto tcp from 192.168.7.139/32 to 10.246.9.0/24 port 1499 >< 1502 keep state group 200
  181. @4 pass in quick proto tcp from 10.249.0.1/32 to 10.246.9.0/24 port 1499 >< 1502 keep state group 200
  182. @5 pass in quick proto tcp from any to 10.246.9.0/24 port 1579 >< 1584 keep state group 200
  183. @6 pass in quick proto tcp from 10.246.0.85/32 to 10.246.9.2/32 keep state group 200
  184. @7 pass in quick proto tcp from 10.248.0.6/32 to 10.246.9.2/32 keep state group 200
  185. @8 pass in quick proto tcp from 10.0.119.80/32 to 10.246.9.2/32 keep state group 200
  186. @9 pass in quick proto tcp from 10.245.0.53/32 to 10.246.9.2/32 keep state group 200
  187. @10 pass in quick proto tcp from 10.245.0.54/32 to 10.246.9.2/32 keep state group 200
  188. @11 pass in quick proto tcp from 10.0.119.33/32 to 10.246.9.2/32 keep state group 200
  189. @12 pass in quick proto tcp from any to 10.246.9.2/32 port = 5900 keep state group 200
  190. @13 pass in quick proto tcp from any to 10.246.9.3/32 port = 5500 keep state group 200
  191. @14 pass in quick proto tcp from any to 10.246.9.3/32 port = 18000 keep state group 200
  192. @15 pass in quick proto tcp from any to 10.246.9.3/32 port = 1723 keep state group 200
  193. @16 pass in quick proto tcp from 10.0.67.0/24 to 10.246.9.3/32 keep state group 200
  194. @17 pass in quick proto tcp from 10.0.119.33/32 to 10.246.9.3/32 keep state group 200
  195. @18 pass in quick proto tcp from 10.248.0.20/32 to 10.246.9.12/32 port = 31101 keep state group 200
  196. @19 pass in quick proto tcp from 10.248.0.20/32 to 10.246.9.12/32 port = 32101 keep state group 200
  197. @20 pass in quick proto tcp from any to 10.251.0.21/32 port = 80 keep state group 200
  198. @21 pass in quick proto tcp from any to 10.251.0.21/32 port = 443 keep state group 200
  199. @22 pass in quick proto tcp from any to 10.246.9.254/32 port = 80 keep state group 200
  200. @23 pass in quick proto tcp from any to 10.246.9.11/32 port = 80 keep state group 200
  201. @24 pass in quick proto tcp from any to 10.246.9.11/32 port = 443 keep state group 200
  202. @25 pass in quick proto tcp from 10.0.57.58/32 to 10.246.9.11/32 port = 3389 keep state group 200
  203. @26 pass in quick proto tcp from 10.0.57.106/32 to 10.246.9.11/32 port = 3389 keep state group 200
  204. @27 pass in quick proto tcp from 10.0.119.18/32 to 10.246.9.11/32 port = 3389 keep state group 200
  205. @28 pass in quick proto tcp from 10.0.119.118/32 to 10.246.9.11/32 port = 3389 keep state group 200
  206. @29 pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.11/32 port = 3389 keep state group 200
  207. @30 pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.11/32 port = 5631 keep state group 200
  208. @31 pass in quick proto tcp from 10.0.57.58/32 to 10.246.9.10/32 port = 3389 keep state group 200
  209. @32 pass in quick proto tcp from 10.0.57.106/32 to 10.246.9.10/32 port = 3389 keep state group 200
  210. @33 pass in quick proto tcp from 10.0.119.18/32 to 10.246.9.10/32 port = 3389 keep state group 200
  211. @34 pass in quick proto tcp from 10.0.119.118/32 to 10.246.9.10/32 port = 3389 keep state group 200
  212. @35 pass in quick proto tcp from 10.0.57.58/32 to 10.246.9.12/32 port = 3389 keep state group 200
  213. @36 pass in quick proto tcp from 10.0.57.106/32 to 10.246.9.12/32 port = 3389 keep state group 200
  214. @37 pass in quick proto tcp from 10.0.119.18/32 to 10.246.9.12/32 port = 3389 keep state group 200
  215. @38 pass in quick proto tcp from 10.0.119.118/32 to 10.246.9.12/32 port = 3389 keep state group 200
  216. @39 pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.10/32 port = 3389 keep state group 200
  217. @40 pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.10/32 port = 5631 keep state group 200
  218. @41 pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.12/32 port = 3389 keep state group 200
  219. @42 pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.12/32 port = 5631 keep state group 200
  220. @43 pass in quick proto tcp from any to 10.246.9.30/32 port = 22 keep state group 200
  221. @44 pass in quick proto tcp/udp from 10.246.0.10/32 to 10.246.9.31/32 port 136 >< 140 keep state group 200
  222. @45 pass in quick proto tcp/udp from 10.246.0.10/32 to 10.246.9.32/32 port 136 >< 140 keep state group 200
  223. @46 pass in quick proto tcp/udp from 10.246.0.11/32 to 10.246.9.31/32 port 136 >< 140 keep state group 200
  224. @47 pass in quick proto tcp/udp from 10.246.0.11/32 to 10.246.9.32/32 port 136 >< 140 keep state group 200
  225. @48 pass in quick proto tcp/udp from 10.246.0.111/32 to 10.246.9.31/32 port 136 >< 140 keep state group 200
  226. @49 pass in quick proto tcp/udp from 10.246.0.111/32 to 10.246.9.32/32 port 136 >< 140 keep state group 200
  227. @50 pass in quick proto tcp/udp from 10.246.0.49/32 to 10.246.9.31/32 port = 2967 keep state group 200
  228. @51 pass in quick proto tcp/udp from 10.246.0.49/32 to 10.246.9.32/32 port = 2967 keep state group 200
  229. @52 pass in quick proto tcp/udp from 10.246.0.49/32 to 10.246.9.31/32 port = 38293 keep state group 200
  230. @53 pass in quick proto tcp/udp from 10.246.0.49/32 to 10.246.9.32/32 port = 38293 keep state group 200
  231. @54 pass in quick proto tcp from any to 10.246.9.31/32 port = 5631 keep state group 200
  232. @55 pass in quick proto tcp/udp from any to 10.246.9.31/32 port = 5632 keep state group 200
  233. @56 pass in quick proto tcp from any to 10.246.9.31/32 port = 5900 keep state group 200
  234. @57 pass in quick proto tcp from any to 10.246.9.32/32 port = 5631 keep state group 200
  235. @58 pass in quick proto tcp/udp from any to 10.246.9.32/32 port = 5632 keep state group 200
  236. @59 pass in quick proto tcp from any to 10.246.9.32/32 port = 5900 keep state group 200
  237. @60 pass in quick proto tcp from any to 10.246.9.30/32 port = 1521 keep state group 200
  238. @61 pass in quick proto tcp from any to 10.246.9.30/32 port 5499 >< 5503 keep state group 200
  239. @62 pass in quick proto tcp from any to 10.246.9.30/32 port = 1810 keep state group 200
  240. @63 pass in quick proto tcp from any to 10.246.9.30/32 port 1829 >< 1832 keep state group 200
  241. @64 pass in quick proto tcp from any to 10.246.9.31/32 port 1539 >< 1543 keep state group 200
  242. @65 pass in quick proto tcp from any to 10.246.9.31/32 port = 2016 keep state group 200
  243. @66 pass in quick proto tcp from 10.245.1.1/32 to 10.246.9.31/32 keep state group 200
  244. @67 pass in quick proto tcp from 10.245.1.2/32 to 10.246.9.31/32 keep state group 200
  245. @68 pass in quick proto tcp from 10.245.1.3/32 to 10.246.9.31/32 keep state group 200
  246. @69 pass in quick proto tcp from 10.0.119.33/32 to 10.246.9.31/32 keep state group 200
  247. @70 pass in quick proto tcp from 10.0.118.56/32 to 10.246.9.31/32 keep state group 200
  248. @71 pass in quick proto tcp from any to 10.246.9.32/32 port = 8080 keep state group 200
  249. @72 pass in quick proto tcp from any to 10.246.9.32/32 port = 80 keep state group 200
  250. @73 pass in quick proto tcp from 10.245.0.42/32 to 10.246.9.0/24 port = 5900 keep state group 200
  251. @74 pass in quick proto tcp from 10.245.0.42/32 to 10.246.9.0/24 port = 3389 keep state group 200
  252. @75 pass in quick proto tcp from 10.245.0.42/32 to 10.246.9.0/24 port = 5631 keep state group 200
  253. @76 pass in quick proto tcp from 10.0.119.181/32 to 10.246.9.0/24 port = 5900 keep state group 200
  254. @77 pass in quick proto tcp from 10.0.119.181/32 to 10.246.9.0/24 port = 3389 keep state group 200
  255. @78 pass in quick proto tcp from 10.0.119.181/32 to 10.246.9.0/24 port = 5631 keep state group 200
  256. @79 block in log first quick from any to any group 200
  257. @14 block in log quick from any to any
  258.  
  259. unparsed ipnat rules
  260.  
  261. unparsed ipfilter rules
  262.  
  263. # loopback
  264. pass in quick on lo0 all
  265. pass out quick on lo0 all
  266.  
  267. # block short packets
  268. block in log quick all with short
  269.  
  270. # block IP options
  271. block in log quick all with ipopts
  272.  
  273. # allow access to DHCP server on LAN
  274. pass in quick on em0 proto udp from any port = 68 to 255.255.255.255 port = 67
  275. pass in quick on em0 proto udp from any port = 68 to 10.246.9.254 port = 67
  276. pass out quick on em0 proto udp from 10.246.9.254 port = 67 to any port = 68
  277.  
  278. # WAN spoof check
  279. block in log quick on em1 from 10.246.9.0/24 to any
  280.  
  281. # allow our DHCP client out to the WAN
  282. # XXX - should be more restrictive
  283. # (not possible at the moment - need 'me' like in ipfw)
  284. pass out quick on em1 proto udp from any port = 68 to any port = 67
  285. block in log quick on em1 proto udp from any port = 67 to 10.246.9.0/24 port = 68
  286. pass in quick on em1 proto udp from any port = 67 to any port = 68
  287.  
  288. # LAN/OPT spoof check (needs to be after DHCP because of broadcast addresses)
  289. block in log quick on em0 from ! 10.246.9.0/24 to any
  290.  
  291. # Block TCP packets that do not mark the start of a connection
  292. skip 1 in proto tcp all flags S/SAFR
  293. block in log quick proto tcp all
  294.  
  295. #---------------------------------------------------------------------------
  296. # group head 100 - LAN interface
  297. #---------------------------------------------------------------------------
  298. block in log quick on em0 all head 100
  299.  
  300. # let out anything from the firewall host itself and decrypted IPsec traffic
  301. pass out quick on em0 all keep state
  302.  
  303. #---------------------------------------------------------------------------
  304. # group head 200 - WAN interface
  305. #---------------------------------------------------------------------------
  306. block in log quick on em1 all head 200
  307.  
  308. # let out anything from the firewall host itself and decrypted IPsec traffic
  309. pass out quick on em1 all keep state
  310.  
  311. # make sure the user cannot lock himself out of the webGUI
  312. pass in quick from 10.246.9.0/24 to 10.246.9.254 keep state group 100
  313.  
  314. # User-defined rules follow
  315. pass in quick proto icmp from any to any keep state group 200
  316. pass in quick proto tcp from any to any port = 23 keep state group 200
  317. pass in quick proto tcp from 192.168.7.139 to 10.246.9.0/24 port 1499 >< 1502 keep state group 200
  318. pass in quick proto tcp from 10.249.0.1 to 10.246.9.0/24 port 1499 >< 1502 keep state group 200
  319. pass in quick proto tcp from any to 10.246.9.0/24 port 1579 >< 1584 keep state group 200
  320. pass in quick proto tcp from 10.246.0.85 to 10.246.9.2 keep state group 200
  321. pass in quick proto tcp from 10.248.0.6 to 10.246.9.2 keep state group 200
  322. pass in quick proto tcp from 10.0.119.80 to 10.246.9.2 keep state group 200
  323. pass in quick proto tcp from 10.245.0.53 to 10.246.9.2 keep state group 200
  324. pass in quick proto tcp from 10.245.0.54 to 10.246.9.2 keep state group 200
  325. pass in quick proto tcp from 10.0.119.33 to 10.246.9.2 keep state group 200
  326. pass in quick proto tcp from any to 10.246.9.2 port = 5900 keep state group 200
  327. pass in quick proto tcp from any to 10.246.9.3 port = 5500 keep state group 200
  328. pass in quick proto tcp from any to 10.246.9.3 port = 18000 keep state group 200
  329. pass in quick proto tcp from any to 10.246.9.3 port = 1723 keep state group 200
  330. pass in quick proto tcp from 10.0.67.0/24 to 10.246.9.3 keep state group 200
  331. pass in quick proto tcp from 10.0.119.33 to 10.246.9.3 keep state group 200
  332. pass in quick proto tcp from 10.248.0.20 to 10.246.9.12 port = 31101 keep state group 200
  333. pass in quick proto tcp from 10.248.0.20 to 10.246.9.12 port = 32101 keep state group 200
  334. pass in quick proto tcp from any to 10.251.0.21 port = 80 keep state group 200
  335. pass in quick proto tcp from any to 10.251.0.21 port = 443 keep state group 200
  336. pass in quick proto tcp from any to 10.246.9.254 port = 80 keep state group 200
  337. pass in quick proto tcp from any to 10.246.9.11 port = 80 keep state group 200
  338. pass in quick proto tcp from any to 10.246.9.11 port = 443 keep state group 200
  339. pass in quick proto tcp from 10.0.57.58 to 10.246.9.11 port = 3389 keep state group 200
  340. pass in quick proto tcp from 10.0.57.106 to 10.246.9.11 port = 3389 keep state group 200
  341. pass in quick proto tcp from 10.0.119.18 to 10.246.9.11 port = 3389 keep state group 200
  342. pass in quick proto tcp from 10.0.119.118 to 10.246.9.11 port = 3389 keep state group 200
  343. pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.11 port = 3389 keep state group 200
  344. pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.11 port = 5631 keep state group 200
  345. pass in quick proto tcp from 10.0.57.58 to 10.246.9.10 port = 3389 keep state group 200
  346. pass in quick proto tcp from 10.0.57.106 to 10.246.9.10 port = 3389 keep state group 200
  347. pass in quick proto tcp from 10.0.119.18 to 10.246.9.10 port = 3389 keep state group 200
  348. pass in quick proto tcp from 10.0.119.118 to 10.246.9.10 port = 3389 keep state group 200
  349. pass in quick proto tcp from 10.0.57.58 to 10.246.9.12 port = 3389 keep state group 200
  350. pass in quick proto tcp from 10.0.57.106 to 10.246.9.12 port = 3389 keep state group 200
  351. pass in quick proto tcp from 10.0.119.18 to 10.246.9.12 port = 3389 keep state group 200
  352. pass in quick proto tcp from 10.0.119.118 to 10.246.9.12 port = 3389 keep state group 200
  353. pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.10 port = 3389 keep state group 200
  354. pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.10 port = 5631 keep state group 200
  355. pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.12 port = 3389 keep state group 200
  356. pass in quick proto tcp from 149.138.25.32/29 to 10.246.9.12 port = 5631 keep state group 200
  357. pass in quick proto tcp from any to 10.246.9.30 port = 22 keep state group 200
  358. pass in quick proto tcp/udp from 10.246.0.10 to 10.246.9.31 port 136 >< 140 keep state group 200
  359. pass in quick proto tcp/udp from 10.246.0.10 to 10.246.9.32 port 136 >< 140 keep state group 200
  360. pass in quick proto tcp/udp from 10.246.0.11 to 10.246.9.31 port 136 >< 140 keep state group 200
  361. pass in quick proto tcp/udp from 10.246.0.11 to 10.246.9.32 port 136 >< 140 keep state group 200
  362. pass in quick proto tcp/udp from 10.246.0.111 to 10.246.9.31 port 136 >< 140 keep state group 200
  363. pass in quick proto tcp/udp from 10.246.0.111 to 10.246.9.32 port 136 >< 140 keep state group 200
  364. pass in quick proto tcp/udp from 10.246.0.49 to 10.246.9.31 port = 2967 keep state group 200
  365. pass in quick proto tcp/udp from 10.246.0.49 to 10.246.9.32 port = 2967 keep state group 200
  366. pass in quick proto tcp/udp from 10.246.0.49 to 10.246.9.31 port = 38293 keep state group 200
  367. pass in quick proto tcp/udp from 10.246.0.49 to 10.246.9.32 port = 38293 keep state group 200
  368. pass in quick proto tcp from any to 10.246.9.31 port = 5631 keep state group 200
  369. pass in quick proto tcp/udp from any to 10.246.9.31 port = 5632 keep state group 200
  370. pass in quick proto tcp from any to 10.246.9.31 port = 5900 keep state group 200
  371. pass in quick proto tcp from any to 10.246.9.32 port = 5631 keep state group 200
  372. pass in quick proto tcp/udp from any to 10.246.9.32 port = 5632 keep state group 200
  373. pass in quick proto tcp from any to 10.246.9.32 port = 5900 keep state group 200
  374. pass in quick proto tcp from any to 10.246.9.30 port = 1521 keep state group 200
  375. pass in quick proto tcp from any to 10.246.9.30 port 5499 >< 5503 keep state group 200
  376. pass in quick proto tcp from any to 10.246.9.30 port = 1810 keep state group 200
  377. pass in quick proto tcp from any to 10.246.9.30 port 1829 >< 1832 keep state group 200
  378. pass in quick proto tcp from any to 10.246.9.31 port 1539 >< 1543 keep state group 200
  379. pass in quick proto tcp from any to 10.246.9.31 port = 2016 keep state group 200
  380. pass in quick proto tcp from 10.245.1.1 to 10.246.9.31 keep state group 200
  381. pass in quick proto tcp from 10.245.1.2 to 10.246.9.31 keep state group 200
  382. pass in quick proto tcp from 10.245.1.3 to 10.246.9.31 keep state group 200
  383. pass in quick proto tcp from 10.0.119.33 to 10.246.9.31 keep state group 200
  384. pass in quick proto tcp from 10.0.118.56 to 10.246.9.31 keep state group 200
  385. pass in quick proto tcp from any to 10.246.9.32 port = 8080 keep state group 200
  386. pass in quick proto tcp from any to 10.246.9.32 port = 80 keep state group 200
  387. pass in quick proto tcp from 10.245.0.42 to 10.246.9.0/24 port = 5900 keep state group 200
  388. pass in quick proto tcp from 10.245.0.42 to 10.246.9.0/24 port = 3389 keep state group 200
  389. pass in quick proto tcp from 10.245.0.42 to 10.246.9.0/24 port = 5631 keep state group 200
  390. pass in quick proto tcp from 10.0.119.181 to 10.246.9.0/24 port = 5900 keep state group 200
  391. pass in quick proto tcp from 10.0.119.181 to 10.246.9.0/24 port = 3389 keep state group 200
  392. pass in quick proto tcp from 10.0.119.181 to 10.246.9.0/24 port = 5631 keep state group 200
  393. block in log first quick from any to any group 200
  394. pass in quick proto icmp from any to any keep state group 100
  395. pass in quick proto tcp from 10.246.9.0/24 to 10.245.0.55 port = 3128 keep state group 100
  396. pass in quick proto tcp from any to any port = 23 keep state group 100
  397. pass in quick proto tcp from any to any port = 22 keep state group 100
  398. pass in quick proto udp from any to any port = 123 keep state group 100
  399. pass in quick proto udp from any to 192.168.7.36 port = 53 keep state group 100
  400. pass in quick proto udp from any to 192.168.7.37 port = 53 keep state group 100
  401. pass in quick proto tcp from 10.246.9.2 port = 20 to any keep state group 100
  402. pass in quick proto tcp from 10.246.9.2 to 64.23.81.158 keep state group 100
  403. pass in quick proto tcp from 10.246.9.2 to 199.72.30.59 keep state group 100
  404. pass in quick proto tcp from 10.246.9.2 to 66.182.142.82 keep state group 100
  405. pass in quick proto tcp from 10.246.9.2 to 207.157.43.66 keep state group 100
  406. pass in quick proto tcp from 10.246.9.3 to 10.0.67.0/24 keep state group 100
  407. pass in quick proto tcp from 10.246.9.3 to any port = 5500 keep state group 100
  408. pass in quick proto tcp from 10.246.9.3 to any port = 18000 keep state group 100
  409. pass in quick proto tcp from 10.246.9.3 to any port = 1723 keep state group 100
  410. pass in quick proto tcp from 10.246.9.3 to 206.197.159.9 keep state group 100
  411. pass in quick proto tcp from 10.246.9.3 to 10.0.67.223 keep state group 100
  412. pass in quick proto icmp from 10.246.9.3 to 10.0.67.223 keep state group 100
  413. pass in quick proto tcp from 10.246.9.12 to 10.248.0.20 port = 7100 keep state group 100
  414. pass in quick proto tcp from 10.246.9.12 to 10.248.0.20 port = 7200 keep state group 100
  415. pass in quick from any to 10.245.0.49 keep state group 100
  416. pass in quick proto udp from any to 10.245.0.11 port = 137 keep state group 100
  417. pass in quick proto tcp/udp from any to any port = 3389 keep state group 100
  418. pass in quick proto tcp from any to any port = 5631 keep state group 100
  419. pass in quick proto tcp from 10.246.9.0/24 to 192.168.7.139 port = 1500 keep state keep frags group 100
  420. pass in quick proto tcp from 10.246.9.0/24 to 192.168.7.139 port 1579 >< 1582 keep state group 100
  421. pass in quick proto tcp from 10.246.9.0/24 to 10.249.0.1 port = 1500 keep state keep frags group 100
  422. pass in quick proto tcp from 10.246.9.0/24 to 10.249.0.1 port 1579 >< 1582 keep state group 100
  423. pass in quick proto tcp/udp from 10.246.9.31 to 10.246.0.10 port 136 >< 140 keep state group 100
  424. pass in quick proto tcp/udp from 10.246.9.32 to 10.246.0.10 port 136 >< 140 keep state group 100
  425. pass in quick proto tcp/udp from 10.246.9.31 to 10.246.0.11 port 136 >< 140 keep state group 100
  426. pass in quick proto tcp/udp from 10.246.9.32 to 10.246.0.11 port 136 >< 140 keep state group 100
  427. pass in quick proto tcp/udp from 10.246.9.31 to 10.246.0.111 port 136 >< 140 keep state group 100
  428. pass in quick proto tcp/udp from 10.246.9.32 to 10.246.0.111 port 136 >< 140 keep state group 100
  429. pass in quick proto tcp/udp from 10.246.9.31 to 10.246.0.49 port = 2967 keep state group 100
  430. pass in quick proto tcp/udp from 10.246.9.32 to 10.246.0.49 port = 2967 keep state group 100
  431. pass in quick proto tcp/udp from 10.246.9.31 to 10.246.0.49 port = 38293 keep state group 100
  432. pass in quick proto tcp/udp from 10.246.9.32 to 10.246.0.49 port = 38293 keep state group 100
  433. pass in quick proto tcp from 10.246.9.31 to 10.245.1.1 keep state group 100
  434. pass in quick proto tcp from 10.246.9.31 to 10.245.1.2 keep state group 100
  435. pass in quick proto tcp from 10.246.9.31 to 10.245.1.3 keep state group 100
  436. pass in quick proto tcp from 10.246.9.31 to 10.0.119.33 keep state group 100
  437. pass in quick proto tcp from 10.246.9.31 to 10.0.118.56 keep state group 100
  438. pass in quick proto tcp from 10.246.9.30 to 10.240.0.5 port = 25 keep state group 100
  439. block in log first quick from any to any group 100
  440.        
  441. #---------------------------------------------------------------------------
  442. # default rules (just to be sure)
  443. #---------------------------------------------------------------------------
  444. block in log quick all
  445. block out log quick all
  446.  
  447. unparsed ipfw rules
  448.  
  449. add 50000 set 4 pass all from 10.246.9.254 to any
  450. add 50001 set 4 pass all from any to 10.246.9.254
  451.  
  452. resolv.conf
  453.  
  454. domain hhsys.int
  455. nameserver 192.168.7.36
  456. nameserver 192.168.7.37
  457.  
  458. Processes
  459.  
  460. USER     PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
  461. root       0  0.0  0.0     0    0  ??  DLs   9Nov05   0:00.00  (swapper)
  462. root   76786  0.0  0.4  1332  968  ??  SN    4:13PM   0:00.00 sh -c ps xauww 2>&1
  463. root   76767  0.0  0.8  2376 1872  ??  S     4:13PM   0:00.02 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid
  464. root   76766  0.0  0.8  2376 1872  ??  S     4:13PM   0:00.00 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid
  465. root   76765  0.0  2.5  6684 6140  ??  SN    4:13PM   0:00.07 /usr/local/bin/php status.php
  466. root   75197  0.0  0.3  1028  764  ??  SNs   2:13PM   0:00.22 /usr/sbin/syslogd -s -f /var/etc/syslog.conf
  467. nobody   611  0.0  0.3  1012  780  ??  IN    9Nov05   0:00.00 /usr/local/sbin/dnsmasq
  468. root     165  0.0  0.3  1104  808  ??  I     9Nov05   0:00.13 /usr/local/bin/msntp -r -P no -l /var/run/msntp.pid -x 300 gw.hhsys.int
  469. root     117  0.0  0.4  1344  896  ??  I     9Nov05   0:00.00 /bin/sh /etc/rc.initial console
  470. root     104  0.0  0.3  1332  840 con- I     9Nov05   0:00.01 /bin/sh /usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid 300  gw.hhsys.int
  471. root      96  0.0  0.7  2292 1640  ??  Ss    9Nov05   0:07.04 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid
  472. root      88  0.0  0.5  1456 1224  ??  Ss    9Nov05   1:26.82 /sbin/ipmon -sD
  473. root      12  0.0  0.0     0    0  ??  DL    9Nov05   0:10.44  (vnlru)
  474. root      11  0.0  0.0     0    0  ??  DL    9Nov05   0:16.27  (syncer)
  475. root      10  0.0  0.0     0    0  ??  DL    9Nov05   0:10.24  (bufdaemon)
  476. root       9  0.0  0.0     0    0  ??  DL    9Nov05   0:02.40  (pagedaemon)
  477. root       8  0.0  0.0     0    0  ??  DL    9Nov05   0:00.17  (usb3)
  478. root       7  0.0  0.0     0    0  ??  DL    9Nov05   0:00.18  (usb2)
  479. root       6  0.0  0.0     0    0  ??  DL    9Nov05   0:00.21  (usb1)
  480. root       5  0.0  0.0     0    0  ??  DL    9Nov05   0:00.00  (usbtask)
  481. root       4  0.0  0.0     0    0  ??  DL    9Nov05   0:00.18  (usb0)
  482. root       3  0.0  0.0     0    0  ??  DL    9Nov05   0:00.00  (taskqueue)
  483. root       2  0.0  0.0     0    0  ??  DL    9Nov05   0:00.00  (cryptoret)
  484. root       1  0.0  0.3  1060  696  ??  ILs   9Nov05   0:00.81 /sbin/init --
  485. root   76787  0.0  0.3  1080  676  ??  RN    4:13PM   0:00.00 ps xauww
  486.  
  487. dhcpd.conf
  488.  
  489. cat: /var/etc/dhcpd.conf: No such file or directory
  490.  
  491. ez-ipupdate.cache
  492.  
  493. cat: /conf/ez-ipupdate.cache: No such file or directory
  494.  
  495. df
  496.  
  497. Filesystem 512-blocks  Used Avail Capacity  Mounted on
  498. /dev/md0c       21758 19590  2168    90%    /
  499. procfs              8     8     0   100%    /proc
  500. /dev/ad0a       11838 11014   824    93%    /cf
  501.  
  502. racoon.conf
  503.  
  504. cat: /var/etc/racoon.conf: No such file or directory
  505.  
  506. SPD
  507.  
  508. No SPD entries.
  509.  
  510. SAD
  511.  
  512. No SAD entries.
  513.  
  514. last 200 system log entries
  515.  
  516. Nov  9 11:02:39 ms-other-fw /kernel: Copyright (c) 1992-2005 The FreeBSD Project.
  517. Nov  9 11:02:39 ms-other-fw /kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
  518. Nov  9 11:02:39 ms-other-fw /kernel: The Regents of the University of California. All rights reserved.
  519. Nov  9 11:02:39 ms-other-fw /kernel: FreeBSD 4.11-RELEASE-p11 #0: Wed Sep  7 13:49:09 CEST 2005
  520. Nov  9 11:02:39 ms-other-fw /kernel: root@fb411.neon1.net:/usr/src/sys/compile/M0N0WALL_GENERIC
  521. Nov  9 11:02:39 ms-other-fw /kernel: Timecounter "i8254"  frequency 1193182 Hz
  522. Nov  9 11:02:39 ms-other-fw /kernel: CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2800.12-MHz 686-class CPU)
  523. Nov  9 11:02:39 ms-other-fw /kernel: Origin = "GenuineIntel"  Id = 0xf29  Stepping = 9
  524. Nov  9 11:02:39 ms-other-fw /kernel: Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
  525. Nov  9 11:02:39 ms-other-fw /kernel: Hyperthreading: 2 logical CPUs
  526. Nov  9 11:02:39 ms-other-fw /kernel: real memory  = 268369920 (262080K bytes)
  527. Nov  9 11:02:39 ms-other-fw /kernel: avail memory = 244486144 (238756K bytes)
  528. Nov  9 11:02:39 ms-other-fw /kernel: Preloaded elf kernel "kernel" at 0xc1006000.
  529. Nov  9 11:02:39 ms-other-fw /kernel: Preloaded mfs_root "/mfsroot" at 0xc100609c.
  530. Nov  9 11:02:39 ms-other-fw /kernel: Warning: Pentium 4 CPU: PSE disabled
  531. Nov  9 11:02:39 ms-other-fw /kernel: Pentium Pro MTRR support enabled
  532. Nov  9 11:02:39 ms-other-fw /kernel: md0: Preloaded image </mfsroot> 11534336 bytes at 0xc0504d9c
  533. Nov  9 11:02:39 ms-other-fw /kernel: md1: Malloc disk
  534. Nov  9 11:02:39 ms-other-fw /kernel: Using $PIR table, 8 entries at 0xc00fdee0
  535. Nov  9 11:02:39 ms-other-fw /kernel: npx0: <math processor> on motherboard
  536. Nov  9 11:02:39 ms-other-fw /kernel: npx0: INT 16 interface
  537. Nov  9 11:02:39 ms-other-fw /kernel: pcib0: <Host to PCI bridge> on motherboard
  538. Nov  9 11:02:39 ms-other-fw /kernel: pci0: <PCI bus> on pcib0
  539. Nov  9 11:02:39 ms-other-fw /kernel: pcib1: <PCI to PCI bridge (vendor=8086 device=2579)> at device 1.0 on pci0
  540. Nov  9 11:02:39 ms-other-fw /kernel: pci1: <PCI bus> on pcib1
  541. Nov  9 11:02:39 ms-other-fw /kernel: pcib2: <PCI to PCI bridge (vendor=8086 device=257b)> at device 3.0 on pci0
  542. Nov  9 11:02:39 ms-other-fw /kernel: pci2: <PCI bus> on pcib2
  543. Nov  9 11:02:39 ms-other-fw /kernel: em0: <Intel(R) PRO/1000 Network Connection, Version - 1.7.42> port 0x9000-0x901f mem 0xf3000000-0xf301ffff irq 5 at device 1.0 on pci2
  544. Nov  9 11:02:39 ms-other-fw /kernel: em0:  Speed:N/A  Duplex:N/A
  545. Nov  9 11:02:39 ms-other-fw /kernel: uhci0: <Intel 82801EB (ICH5) USB controller USB-A> port 0xbc00-0xbc1f irq 10 at device 29.0 on pci0
  546. Nov  9 11:02:39 ms-other-fw /kernel: usb0: <Intel 82801EB (ICH5) USB controller USB-A> on uhci0
  547. Nov  9 11:02:39 ms-other-fw /kernel: usb0: USB revision 1.0
  548. Nov  9 11:02:39 ms-other-fw /kernel: uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
  549. Nov  9 11:02:39 ms-other-fw /kernel: uhub0: 2 ports with 2 removable, self powered
  550. Nov  9 11:02:39 ms-other-fw /kernel: uhci1: <Intel 82801EB (ICH5) USB controller USB-B> port 0xb000-0xb01f irq 9 at device 29.1 on pci0
  551. Nov  9 11:02:39 ms-other-fw /kernel: usb1: <Intel 82801EB (ICH5) USB controller USB-B> on uhci1
  552. Nov  9 11:02:39 ms-other-fw /kernel: usb1: USB revision 1.0
  553. Nov  9 11:02:39 ms-other-fw /kernel: uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
  554. Nov  9 11:02:39 ms-other-fw /kernel: uhub1: 2 ports with 2 removable, self powered
  555. Nov  9 11:02:39 ms-other-fw /kernel: uhci2: <Intel 82801EB (ICH5) USB controller USB-C> port 0xb400-0xb41f irq 5 at device 29.2 on pci0
  556. Nov  9 11:02:39 ms-other-fw /kernel: usb2: <Intel 82801EB (ICH5) USB controller USB-C> on uhci2
  557. Nov  9 11:02:39 ms-other-fw /kernel: usb2: USB revision 1.0
  558. Nov  9 11:02:39 ms-other-fw /kernel: uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
  559. Nov  9 11:02:39 ms-other-fw /kernel: uhub2: 2 ports with 2 removable, self powered
  560. Nov  9 11:02:39 ms-other-fw /kernel: uhci3: <Intel 82801EB (ICH5) USB controller USB-D> port 0xb800-0xb81f irq 10 at device 29.3 on pci0
  561. Nov  9 11:02:39 ms-other-fw /kernel: usb3: <Intel 82801EB (ICH5) USB controller USB-D> on uhci3
  562. Nov  9 11:02:39 ms-other-fw /kernel: usb3: USB revision 1.0
  563. Nov  9 11:02:39 ms-other-fw /kernel: uhub3: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
  564. Nov  9 11:02:39 ms-other-fw /kernel: uhub3: 2 ports with 2 removable, self powered
  565. Nov  9 11:02:39 ms-other-fw /kernel: pci0: <USB controller> at 29.7 irq 12
  566. Nov  9 11:02:39 ms-other-fw /kernel: pcib3: <Intel 82801BA/BAM (ICH2) Hub to PCI bridge> at device 30.0 on pci0
  567. Nov  9 11:02:39 ms-other-fw /kernel: pci3: <PCI bus> on pcib3
  568. Nov  9 11:02:39 ms-other-fw /kernel: pci3: <ATI Mach64-GR graphics accelerator> at 1.0 irq 5
  569. Nov  9 11:02:39 ms-other-fw /kernel: em1: <Intel(R) PRO/1000 Network Connection, Version - 1.7.42> port 0xa400-0xa43f mem 0xf2000000-0xf201ffff irq 11 at device 2.0 on pci3
  570. Nov  9 11:02:39 ms-other-fw /kernel: em1:  Speed:N/A  Duplex:N/A
  571. Nov  9 11:02:39 ms-other-fw /kernel: isab0: <PCI to ISA bridge (vendor=8086 device=24d0)> at device 31.0 on pci0
  572. Nov  9 11:02:39 ms-other-fw /kernel: isa0: <ISA bus> on isab0
  573. Nov  9 11:02:39 ms-other-fw /kernel: atapci0: <Intel ICH5 ATA100 controller> port 0xf000-0xf00f,0-0x3,0-0x7,0-0x3,0-0x7 irq 0 at device 31.1 on pci0
  574. Nov  9 11:02:39 ms-other-fw /kernel: ata0: at 0x1f0 irq 14 on atapci0
  575. Nov  9 11:02:39 ms-other-fw /kernel: ata1: at 0x170 irq 15 on atapci0
  576. Nov  9 11:02:39 ms-other-fw /kernel: atapci1: <Intel ICH5 SATA150 controller> port 0xd000-0xd00f,0xcc00-0xcc03,0xc800-0xc807,0xc400-0xc403,0xc000-0xc007 irq 5 at device 31.2 on pci0
  577. Nov  9 11:02:39 ms-other-fw /kernel: ata2: at 0xc000 on atapci1
  578. Nov  9 11:02:39 ms-other-fw /kernel: ata3: at 0xc800 on atapci1
  579. Nov  9 11:02:39 ms-other-fw /kernel: pci0: <unknown card> (vendor=0x8086, dev=0x24d3) at 31.3 irq 11
  580. Nov  9 11:02:39 ms-other-fw /kernel: orm0: <Option ROM> at iomem 0xc0000-0xc7fff on isa0
  581. Nov  9 11:02:39 ms-other-fw /kernel: pmtimer0 on isa0
  582. Nov  9 11:02:39 ms-other-fw /kernel: fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0
  583. Nov  9 11:02:39 ms-other-fw /kernel: fdc0: FIFO enabled, 8 bytes threshold
  584. Nov  9 11:02:39 ms-other-fw /kernel: fd0: <1440-KB 3.5" drive> on fdc0 drive 0
  585. Nov  9 11:02:39 ms-other-fw /kernel: atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
  586. Nov  9 11:02:39 ms-other-fw /kernel: atkbd0: <AT Keyboard> flags 0x1 irq 1 on atkbdc0
  587. Nov  9 11:02:39 ms-other-fw /kernel: kbd0 at atkbd0
  588. Nov  9 11:02:39 ms-other-fw /kernel: vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
  589. Nov  9 11:02:39 ms-other-fw /kernel: sc0: <System console> at flags 0x100 on isa0
  590. Nov  9 11:02:39 ms-other-fw /kernel: sc0: VGA <16 virtual consoles, flags=0x300>
  591. Nov  9 11:02:39 ms-other-fw /kernel: sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
  592. Nov  9 11:02:39 ms-other-fw /kernel: sio0: type 16550A
  593. Nov  9 11:02:39 ms-other-fw /kernel: sio1 at port 0x2f8-0x2ff irq 3 on isa0
  594. Nov  9 11:02:39 ms-other-fw /kernel: sio1: type 16550A
  595. Nov  9 11:02:39 ms-other-fw /kernel: BRIDGE 020214 loaded
  596. Nov  9 11:02:39 ms-other-fw /kernel: IPsec: Initialized Security Association Processing.
  597. Nov  9 11:02:39 ms-other-fw /kernel: IP Filter: v3.4.35 initialized.  Default = block all, Logging = enabled
  598. Nov  9 11:02:39 ms-other-fw /kernel: ad0: 38166MB <WDC WD400BB-22HEA1> [77545/16/63] at ata0-master PIO4
  599. Nov  9 11:02:39 ms-other-fw /kernel: acd0: CDROM <CDU5211> at ata1-master PIO4
  600. Nov  9 11:02:39 ms-other-fw /kernel: Mounting root from ufs:/dev/md0c
  601. Nov  9 11:02:39 ms-other-fw dnsmasq[101]: started, version 2.22 cachesize 150
  602. Nov  9 11:02:39 ms-other-fw dnsmasq[101]: setting --bind-interfaces option because of OS limitations
  603. Nov  9 11:02:39 ms-other-fw dnsmasq[101]: setting --bind-interfaces option because of OS limitations
  604. Nov  9 11:02:39 ms-other-fw dnsmasq[101]: read /etc/hosts - 4 addresses
  605. Nov  9 11:02:39 ms-other-fw dnsmasq[101]: reading /etc/resolv.conf
  606. Nov  9 11:02:39 ms-other-fw dnsmasq[101]: using nameserver 192.168.7.37#53
  607. Nov  9 11:02:39 ms-other-fw dnsmasq[101]: using nameserver 192.168.7.36#53
  608. Nov  9 11:02:40 ms-other-fw /kernel: em0: Link is up 100 Mbps Half Duplex
  609. Nov  9 11:02:41 ms-other-fw /kernel: em1: Link is up 100 Mbps Half Duplex
  610. Nov  9 11:03:07 ms-other-fw /kernel: em1: Link is Down
  611. Nov  9 11:03:27 ms-other-fw /kernel: em1: Link is up 100 Mbps Half Duplex
  612. Nov  9 11:03:29 ms-other-fw syslogd: sendto: No route to host
  613. Nov  9 11:04:00 ms-other-fw last message repeated 30 times
  614. Nov  9 11:04:18 ms-other-fw last message repeated 4 times
  615. Nov  9 11:18:18 ms-other-fw /kernel: em0: Link is up 100 Mbps Full Duplex
  616. Nov  9 11:18:25 ms-other-fw /kernel: em1: Link is up 100 Mbps Full Duplex
  617. Nov  9 11:25:03 ms-other-fw dnsmasq[101]: exiting on receipt of SIGTERM
  618. Nov  9 11:25:04 ms-other-fw dnsmasq[611]: started, version 2.22 cachesize 150
  619. Nov  9 11:25:04 ms-other-fw dnsmasq[611]: setting --bind-interfaces option because of OS limitations
  620. Nov  9 11:25:04 ms-other-fw dnsmasq[611]: setting --bind-interfaces option because of OS limitations
  621. Nov  9 11:25:04 ms-other-fw dnsmasq[611]: read /etc/hosts - 4 addresses
  622. Nov  9 11:25:04 ms-other-fw dnsmasq[611]: reading /etc/resolv.conf
  623. Nov  9 11:25:04 ms-other-fw dnsmasq[611]: using nameserver 192.168.7.37#53
  624. Nov  9 11:25:04 ms-other-fw dnsmasq[611]: using nameserver 192.168.7.36#53
  625. Dec 12 14:13:54 ms-other-fw syslogd: exiting on signal 15
  626.  
  627. last 50 filter log entries
  628.  
  629. Dec 12 16:12:02 ms-other-fw ipmon[88]: 16:12:02.223689 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  630. Dec 12 16:12:02 ms-other-fw ipmon[88]: 16:12:02.321753 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  631. Dec 12 16:12:03 ms-other-fw ipmon[88]: 16:12:02.904682 em0 @100:47 b 10.246.9.2,138 -> 10.246.9.255,138 PR udp len 20 240 IN
  632. Dec 12 16:12:03 ms-other-fw ipmon[88]: 16:12:03.153518 em1 @200:79 b 10.251.0.2,138 -> 10.251.0.255,138 PR udp len 20 229 IN
  633. Dec 12 16:12:04 ms-other-fw ipmon[88]: 16:12:03.723714 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  634. Dec 12 16:12:04 ms-other-fw ipmon[88]: 16:12:03.821834 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  635. Dec 12 16:12:05 ms-other-fw ipmon[88]: 16:12:05.223749 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  636. Dec 12 16:12:05 ms-other-fw ipmon[88]: 16:12:05.321880 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  637. Dec 12 16:12:07 ms-other-fw ipmon[88]: 16:12:06.723802 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  638. Dec 12 16:12:07 ms-other-fw ipmon[88]: 16:12:06.821902 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  639. Dec 12 16:12:08 ms-other-fw ipmon[88]: 16:12:08.223820 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  640. Dec 12 16:12:08 ms-other-fw ipmon[88]: 16:12:08.321930 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  641. Dec 12 16:12:10 ms-other-fw ipmon[88]: 16:12:09.723859 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  642. Dec 12 16:12:10 ms-other-fw ipmon[88]: 16:12:09.822006 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  643. Dec 12 16:12:11 ms-other-fw ipmon[88]: 16:12:11.223905 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  644. Dec 12 16:12:11 ms-other-fw ipmon[88]: 16:12:11.322006 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  645. Dec 12 16:12:13 ms-other-fw ipmon[88]: 16:12:12.723943 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  646. Dec 12 16:12:13 ms-other-fw ipmon[88]: 16:12:12.822033 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 96 IN
  647. Dec 12 16:12:14 ms-other-fw ipmon[88]: 16:12:14.223981 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  648. Dec 12 16:12:16 ms-other-fw ipmon[88]: 16:12:15.724031 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  649. Dec 12 16:12:17 ms-other-fw ipmon[88]: 16:12:17.224050 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  650. Dec 12 16:12:19 ms-other-fw ipmon[88]: 16:12:18.724081 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  651. Dec 12 16:12:20 ms-other-fw ipmon[88]: 16:12:20.224138 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  652. Dec 12 16:12:22 ms-other-fw ipmon[88]: 16:12:21.724155 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  653. Dec 12 16:12:23 ms-other-fw ipmon[88]: 16:12:23.224206 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  654. Dec 12 16:12:25 ms-other-fw ipmon[88]: 16:12:24.724252 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  655. Dec 12 16:12:25 ms-other-fw ipmon[88]: 16:12:25.490042 em0 @100:47 b 10.246.9.11,138 -> 10.246.9.255,138 PR udp len 20 229 IN
  656. Dec 12 16:12:26 ms-other-fw ipmon[88]: 16:12:26.224282 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  657. Dec 12 16:12:28 ms-other-fw ipmon[88]: 16:12:27.724318 em0 @100:47 b 10.246.9.11,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  658. Dec 12 16:12:30 ms-other-fw ipmon[88]: 16:12:29.932213 6x em1 @200:79 b 10.251.0.253,520 -> 255.255.255.255,520 PR udp len 20 532 IN
  659. Dec 12 16:12:36 ms-other-fw ipmon[88]: 16:12:36.566890 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 1344 -AP IN
  660. Dec 12 16:12:48 ms-other-fw ipmon[88]: 16:12:47.894064 em0 @100:47 b 10.246.9.32,138 -> 10.246.9.255,138 PR udp len 20 267 IN
  661. Dec 12 16:13:01 ms-other-fw ipmon[88]: 16:13:01.436312 4x em1 @200:79 b 10.251.0.253,520 -> 255.255.255.255,520 PR udp len 20 532 IN
  662. Dec 12 16:13:02 ms-other-fw ipmon[88]: 16:13:01.644059 2x em1 @200:79 b 10.251.0.253,520 -> 255.255.255.255,520 PR udp len 20 532 IN
  663. Dec 12 16:13:19 ms-other-fw ipmon[88]: 16:13:19.604089 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  664. Dec 12 16:13:21 ms-other-fw ipmon[88]: 16:13:21.104035 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  665. Dec 12 16:13:22 ms-other-fw ipmon[88]: 16:13:22.604054 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  666. Dec 12 16:13:24 ms-other-fw ipmon[88]: 16:13:24.104136 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  667. Dec 12 16:13:24 ms-other-fw ipmon[88]: 16:13:24.140661 em0 @100:47 b 10.246.9.2,515 -> 255.255.255.255,515 PR udp len 20 62 IN
  668. Dec 12 16:13:25 ms-other-fw ipmon[88]: 16:13:25.604130 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  669. Dec 12 16:13:27 ms-other-fw ipmon[88]: 16:13:27.104186 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  670. Dec 12 16:13:28 ms-other-fw ipmon[88]: 16:13:28.604232 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  671. Dec 12 16:13:30 ms-other-fw ipmon[88]: 16:13:30.104351 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  672. Dec 12 16:13:31 ms-other-fw ipmon[88]: 16:13:31.604293 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  673. Dec 12 16:13:33 ms-other-fw ipmon[88]: 16:13:32.965032 3x em1 @200:79 b 10.251.0.253,520 -> 255.255.255.255,520 PR udp len 20 532 IN
  674. Dec 12 16:13:33 ms-other-fw ipmon[88]: 16:13:33.104359 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  675. Dec 12 16:13:33 ms-other-fw ipmon[88]: 16:13:33.120963 3x em1 @200:79 b 10.251.0.253,520 -> 255.255.255.255,520 PR udp len 20 532 IN
  676. Dec 12 16:13:34 ms-other-fw ipmon[88]: 16:13:34.604458 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  677. Dec 12 16:13:36 ms-other-fw ipmon[88]: 16:13:36.104423 em0 @100:47 b 10.246.9.12,137 -> 10.246.0.111,137 PR udp len 20 96 IN
  678. Dec 12 16:13:36 ms-other-fw ipmon[88]: 16:13:36.106803 em0 @100:47 b 10.246.9.10,137 -> 10.246.0.11,137 PR udp len 20 78 IN
  679.  
  680. ls /conf
  681.  
  682. config.xml
  683.  
  684. ls /var/run
  685.  
  686. dev.db
  687. dnsmasq.pid
  688. htpasswd
  689. ipmon.pid
  690. ld-elf.so.hints
  691. log
  692. mini_httpd.pid
  693. msntp.pid
  694. runmsntp.pid
  695. syslog.pid
  696. utmp
  697.  
  698. config.xml
  699.  
  700. <?xml version="1.0"?>
  701. <m0n0wall>
  702.     <version>1.6</version>
  703.     <system>
  704.         <hostname>ms-other-fw</hostname>
  705.         <domain>hhsys.int</domain>
  706.         <dnsallowoverride/>
  707.         <username>admin</username>
  708.         <password>xxxxx</password>
  709.         <timezone>CST6CDT</timezone>
  710.         <time-update-interval>300</time-update-interval>
  711.         <timeservers>gw.hhsys.int</timeservers>
  712.         <webgui>
  713.             <protocol>https</protocol>
  714.             <port/>
  715.             <certificate/>
  716.             <private-key/>
  717.         </webgui>
  718.         <dnsserver>192.168.7.36</dnsserver>
  719.         <dnsserver>192.168.7.37</dnsserver>
  720.         <harddiskstandby/>
  721.         <polling/>
  722.     </system>
  723.     <interfaces>
  724.         <lan>
  725.             <if>em0</if>
  726.             <ipaddr>10.246.9.254</ipaddr>
  727.             <subnet>24</subnet>
  728.         </lan>
  729.         <wan>
  730.             <if>em1</if>
  731.             <mtu/>
  732.             <spoofmac/>
  733.             <ipaddr>10.251.0.21</ipaddr>
  734.             <subnet>24</subnet>
  735.             <gateway>10.251.0.253</gateway>
  736.         </wan>
  737.     </interfaces>
  738.     <staticroutes/>
  739.     <pppoe/>
  740.     <pptp/>
  741.     <bigpond/>
  742.     <dyndns>
  743.         <type>dyndns</type>
  744.         <username/>
  745.         <password/>
  746.         <host/>
  747.         <mx/>
  748.     </dyndns>
  749.     <dhcpd>
  750.         <lan>
  751.             <range>
  752.                 <from>192.168.1.100</from>
  753.                 <to>192.168.1.199</to>
  754.             </range>
  755.         </lan>
  756.     </dhcpd>
  757.     <pptpd>
  758.         <mode/>
  759.         <redir/>
  760.         <localip/>
  761.         <remoteip/>
  762.     </pptpd>
  763.     <dnsmasq>
  764.         <enable/>
  765.     </dnsmasq>
  766.     <snmpd>
  767.         <syslocation/>
  768.         <syscontact/>
  769.         <rocommunity>public</rocommunity>
  770.     </snmpd>
  771.     <diag>
  772.         <ipv6nat>
  773.             <ipaddr/>
  774.         </ipv6nat>
  775.     </diag>
  776.     <bridge/>
  777.     <syslog>
  778.         <nentries>50</nentries>
  779.         <remoteserver>10.245.0.97</remoteserver>
  780.         <filter/>
  781.         <enable/>
  782.         <rawfilter/>
  783.     </syslog>
  784.     <nat>
  785.         <advancedoutbound>
  786.             <enable/>
  787.         </advancedoutbound>
  788.     </nat>
  789.     <filter>
  790.         <rule>
  791.             <type>pass</type>
  792.             <interface>wan</interface>
  793.             <source>
  794.                 <any/>
  795.             </source>
  796.             <destination>
  797.                 <any/>
  798.             </destination>
  799.             <descr>allow all (test rule)</descr>
  800.             <disabled/>
  801.         </rule>
  802.         <rule>
  803.             <type>pass</type>
  804.             <interface>wan</interface>
  805.             <protocol>icmp</protocol>
  806.             <source>
  807.                 <any/>
  808.             </source>
  809.             <destination>
  810.                 <any/>
  811.             </destination>
  812.             <descr>allow pings</descr>
  813.         </rule>
  814.         <rule>
  815.             <type>pass</type>
  816.             <interface>wan</interface>
  817.             <protocol>tcp</protocol>
  818.             <source>
  819.                 <any/>
  820.             </source>
  821.             <destination>
  822.                 <any/>
  823.                 <port>23</port>
  824.             </destination>
  825.             <descr>allow telnet</descr>
  826.         </rule>
  827.         <rule>
  828.             <type>pass</type>
  829.             <interface>wan</interface>
  830.             <protocol>tcp</protocol>
  831.             <source>
  832.                 <address>192.168.7.139</address>
  833.             </source>
  834.             <destination>
  835.                 <address>10.246.9.0/24</address>
  836.                 <port>1500-1501</port>
  837.             </destination>
  838.             <descr>allow tsmserv to do its thing (121205)</descr>
  839.         </rule>
  840.         <rule>
  841.             <type>pass</type>
  842.             <interface>wan</interface>
  843.             <protocol>tcp</protocol>
  844.             <source>
  845.                 <address>10.249.0.1</address>
  846.             </source>
  847.             <destination>
  848.                 <address>10.246.9.0/24</address>
  849.                 <port>1500-1501</port>
  850.             </destination>
  851.             <descr>allow tsmserv to do its thing (121205)</descr>
  852.         </rule>
  853.         <rule>
  854.             <type>pass</type>
  855.             <interface>wan</interface>
  856.             <protocol>tcp</protocol>
  857.             <source>
  858.                 <any/>
  859.             </source>
  860.             <destination>
  861.                 <network>lan</network>
  862.                 <port>1580-1583</port>
  863.             </destination>
  864.             <descr>tivoli web client access (110405)</descr>
  865.         </rule>
  866.         <rule>
  867.             <type>pass</type>
  868.             <interface>wan</interface>
  869.             <protocol>tcp</protocol>
  870.             <source>
  871.                 <address>10.246.0.85</address>
  872.             </source>
  873.             <destination>
  874.                 <address>10.246.9.2</address>
  875.             </destination>
  876.             <descr>medmined ftp report server</descr>
  877.         </rule>
  878.         <rule>
  879.             <type>pass</type>
  880.             <interface>wan</interface>
  881.             <protocol>tcp</protocol>
  882.             <source>
  883.                 <address>10.248.0.6</address>
  884.             </source>
  885.             <destination>
  886.                 <address>10.246.9.2</address>
  887.             </destination>
  888.             <descr>medmined ftp mits</descr>
  889.         </rule>
  890.         <rule>
  891.             <type>pass</type>
  892.             <interface>wan</interface>
  893.             <protocol>tcp</protocol>
  894.             <source>
  895.                 <address>10.0.119.80</address>
  896.             </source>
  897.             <destination>
  898.                 <address>10.246.9.2</address>
  899.             </destination>
  900.             <descr>medmined ftp viggen (seanr wkstatn)</descr>
  901.         </rule>
  902.         <rule>
  903.             <type>pass</type>
  904.             <interface>wan</interface>
  905.             <protocol>tcp</protocol>
  906.             <source>
  907.                 <address>10.245.0.53</address>
  908.             </source>
  909.             <destination>
  910.                 <address>10.246.9.2</address>
  911.             </destination>
  912.             <descr>medmined ftp h17parse1</descr>
  913.         </rule>
  914.         <rule>
  915.             <type>pass</type>
  916.             <interface>wan</interface>
  917.             <protocol>tcp</protocol>
  918.             <source>
  919.                 <address>10.245.0.54</address>
  920.             </source>
  921.             <destination>
  922.                 <address>10.246.9.2</address>
  923.             </destination>
  924.             <descr>medmined ftp h17parse2</descr>
  925.         </rule>
  926.         <rule>
  927.             <type>pass</type>
  928.             <interface>wan</interface>
  929.             <protocol>tcp</protocol>
  930.             <source>
  931.                 <address>10.0.119.33</address>
  932.             </source>
  933.             <destination>
  934.                 <address>10.246.9.2</address>
  935.             </destination>
  936.             <descr>medmined ftp brandons</descr>
  937.         </rule>
  938.         <rule>
  939.             <type>pass</type>
  940.             <interface>wan</interface>
  941.             <protocol>tcp</protocol>
  942.             <source>
  943.                 <address>10.0.119.18</address>
  944.             </source>
  945.             <destination>
  946.                 <address>10.246.9.2</address>
  947.                 <port>21</port>
  948.             </destination>
  949.             <descr>medmined ftp KL</descr>
  950.             <disabled/>
  951.         </rule>
  952.         <rule>
  953.             <type>pass</type>
  954.             <interface>wan</interface>
  955.             <protocol>tcp</protocol>
  956.             <source>
  957.                 <address>10.0.119.138</address>
  958.             </source>
  959.             <destination>
  960.                 <address>10.246.9.2</address>
  961.                 <port>21</port>
  962.             </destination>
  963.             <descr>medmined ftp brandon's windows</descr>
  964.             <disabled/>
  965.         </rule>
  966.         <rule>
  967.             <type>pass</type>
  968.             <interface>wan</interface>
  969.             <protocol>tcp</protocol>
  970.             <source>
  971.                 <any/>
  972.             </source>
  973.             <destination>
  974.                 <address>10.246.9.2</address>
  975.                 <port>5900</port>
  976.             </destination>
  977.             <descr>moya to medmined VNC</descr>
  978.         </rule>
  979.         <rule>
  980.             <type>pass</type>
  981.             <interface>wan</interface>
  982.             <protocol>tcp</protocol>
  983.             <source>
  984.                 <any/>
  985.             </source>
  986.             <destination>
  987.                 <address>10.246.9.3</address>
  988.                 <port>5500</port>
  989.             </destination>
  990.             <descr>employee pharmancy to amerisource</descr>
  991.         </rule>
  992.         <rule>
  993.             <type>pass</type>
  994.             <interface>wan</interface>
  995.             <protocol>tcp</protocol>
  996.             <source>
  997.                 <any/>
  998.             </source>
  999.             <destination>
  1000.                 <address>10.246.9.3</address>
  1001.                 <port>18000</port>
  1002.             </destination>
  1003.             <descr>employee pharmancy to amerisource</descr>
  1004.         </rule>
  1005.         <rule>
  1006.             <type>pass</type>
  1007.             <interface>wan</interface>
  1008.             <protocol>tcp</protocol>
  1009.             <source>
  1010.                 <any/>
  1011.             </source>
  1012.             <destination>
  1013.                 <address>10.246.9.3</address>
  1014.                 <port>1723</port>
  1015.             </destination>
  1016.             <descr>employee pharmancy to amerisource</descr>
  1017.         </rule>
  1018.         <rule>
  1019.             <type>pass</type>
  1020.             <interface>wan</interface>
  1021.             <protocol>tcp</protocol>
  1022.             <source>
  1023.                 <address>10.0.67.0/24</address>
  1024.             </source>
  1025.             <destination>
  1026.                 <address>10.246.9.3</address>
  1027.                 <port>23</port>
  1028.             </destination>
  1029.             <descr>employee pharmancy telnet to server</descr>
  1030.             <disabled/>
  1031.         </rule>
  1032.         <rule>
  1033.             <type>pass</type>
  1034.             <interface>wan</interface>
  1035.             <protocol>tcp</protocol>
  1036.             <source>
  1037.                 <address>10.0.67.0/24</address>
  1038.             </source>
  1039.             <destination>
  1040.                 <address>10.246.9.3</address>
  1041.             </destination>
  1042.             <descr>employee pharmancy ftp to server (fixed 101405)</descr>
  1043.         </rule>
  1044.         <rule>
  1045.             <type>pass</type>
  1046.             <interface>wan</interface>
  1047.             <protocol>tcp</protocol>
  1048.             <source>
  1049.                 <address>10.0.119.33</address>
  1050.             </source>
  1051.             <destination>
  1052.                 <address>10.246.9.3</address>
  1053.             </destination>
  1054.             <descr>brandons ftp to server (fixed 101405)</descr>
  1055.         </rule>
  1056.         <rule>
  1057.             <type>pass</type>
  1058.             <interface>wan</interface>
  1059.             <protocol>tcp</protocol>
  1060.             <source>
  1061.                 <address>10.0.119.33</address>
  1062.             </source>
  1063.             <destination>
  1064.                 <address>10.246.9.3</address>
  1065.                 <port>23</port>
  1066.             </destination>
  1067.             <descr>brandons telnet to server</descr>
  1068.             <disabled/>
  1069.         </rule>
  1070.         <rule>
  1071.             <type>pass</type>
  1072.             <interface>wan</interface>
  1073.             <protocol>tcp</protocol>
  1074.             <source>
  1075.                 <address>10.248.0.20</address>
  1076.             </source>
  1077.             <destination>
  1078.                 <address>10.246.9.12</address>
  1079.                 <port>31101</port>
  1080.             </destination>
  1081.             <descr>lab system connections</descr>
  1082.         </rule>
  1083.         <rule>
  1084.             <type>pass</type>
  1085.             <interface>wan</interface>
  1086.             <protocol>tcp</protocol>
  1087.             <source>
  1088.                 <address>10.248.0.20</address>
  1089.             </source>
  1090.             <destination>
  1091.                 <address>10.246.9.12</address>
  1092.                 <port>32101</port>
  1093.             </destination>
  1094.             <descr>lab system connections</descr>
  1095.         </rule>
  1096.         <rule>
  1097.             <type>pass</type>
  1098.             <interface>wan</interface>
  1099.             <protocol>tcp</protocol>
  1100.             <source>
  1101.                 <any/>
  1102.             </source>
  1103.             <destination>
  1104.                 <address>10.251.0.21</address>
  1105.                 <port>80</port>
  1106.             </destination>
  1107.             <descr>allow http to the firewall</descr>
  1108.         </rule>
  1109.         <rule>
  1110.             <type>pass</type>
  1111.             <interface>wan</interface>
  1112.             <protocol>tcp</protocol>
  1113.             <source>
  1114.                 <any/>
  1115.             </source>
  1116.             <destination>
  1117.                 <address>10.251.0.21</address>
  1118.                 <port>443</port>
  1119.             </destination>
  1120.             <descr>allow http to the firewall</descr>
  1121.         </rule>
  1122.         <rule>
  1123.             <type>pass</type>
  1124.             <interface>wan</interface>
  1125.             <protocol>tcp</protocol>
  1126.             <source>
  1127.                 <any/>
  1128.             </source>
  1129.             <destination>
  1130.                 <address>10.246.9.254</address>
  1131.                 <port>80</port>
  1132.             </destination>
  1133.             <descr>allow http to the firewall</descr>
  1134.         </rule>
  1135.         <rule>
  1136.             <type>pass</type>
  1137.             <interface>wan</interface>
  1138.             <protocol>tcp</protocol>
  1139.             <source>
  1140.                 <any/>
  1141.             </source>
  1142.             <destination>
  1143.                 <address>10.246.9.11</address>
  1144.                 <port>80</port>
  1145.             </destination>
  1146.             <descr>http to encompass</descr>
  1147.         </rule>
  1148.         <rule>
  1149.             <type>pass</type>
  1150.             <interface>wan</interface>
  1151.             <protocol>tcp</protocol>
  1152.             <source>
  1153.                 <any/>
  1154.             </source>
  1155.             <destination>
  1156.                 <address>10.246.9.11</address>
  1157.                 <port>443</port>
  1158.             </destination>
  1159.             <descr>https to encompass</descr>
  1160.         </rule>
  1161.         <rule>
  1162.             <type>pass</type>
  1163.             <interface>wan</interface>
  1164.             <protocol>tcp</protocol>
  1165.             <source>
  1166.                 <address>10.0.57.58</address>
  1167.             </source>
  1168.             <destination>
  1169.                 <address>10.246.9.11</address>
  1170.                 <port>3389</port>
  1171.             </destination>
  1172.             <descr>terminal services to encompass</descr>
  1173.         </rule>
  1174.         <rule>
  1175.             <type>pass</type>
  1176.             <interface>wan</interface>
  1177.             <protocol>tcp</protocol>
  1178.             <source>
  1179.                 <address>10.0.57.106</address>
  1180.             </source>
  1181.             <destination>
  1182.                 <address>10.246.9.11</address>
  1183.                 <port>3389</port>
  1184.             </destination>
  1185.             <descr>terminal services to encompass (randall 102005)</descr>
  1186.         </rule>
  1187.         <rule>
  1188.             <type>pass</type>
  1189.             <interface>wan</interface>
  1190.             <protocol>tcp</protocol>
  1191.             <source>
  1192.                 <address>10.0.119.18</address>
  1193.             </source>
  1194.             <destination>
  1195.                 <address>10.246.9.11</address>
  1196.                 <port>3389</port>
  1197.             </destination>
  1198.             <descr>terminal services to encompass</descr>
  1199.         </rule>
  1200.         <rule>
  1201.             <type>pass</type>
  1202.             <interface>wan</interface>
  1203.             <protocol>tcp</protocol>
  1204.             <source>
  1205.                 <address>10.0.119.118</address>
  1206.             </source>
  1207.             <destination>
  1208.                 <address>10.246.9.11</address>
  1209.                 <port>3389</port>
  1210.             </destination>
  1211.             <descr>terminal services to encompass</descr>
  1212.         </rule>
  1213.         <rule>
  1214.             <type>pass</type>
  1215.             <interface>wan</interface>
  1216.             <protocol>tcp</protocol>
  1217.             <source>
  1218.                 <address>149.138.25.32/29</address>
  1219.             </source>
  1220.             <destination>
  1221.                 <address>10.246.9.11</address>
  1222.                 <port>3389</port>
  1223.             </destination>
  1224.             <descr>terminal services to encompass</descr>
  1225.         </rule>
  1226.         <rule>
  1227.             <type>pass</type>
  1228.             <interface>wan</interface>
  1229.             <protocol>tcp</protocol>
  1230.             <source>
  1231.                 <address>149.138.25.32/29</address>
  1232.             </source>
  1233.             <destination>
  1234.                 <address>10.246.9.11</address>
  1235.                 <port>5631</port>
  1236.             </destination>
  1237.             <descr>encompass  (pcanywhere)</descr>
  1238.         </rule>
  1239.         <rule>
  1240.             <type>pass</type>
  1241.             <interface>wan</interface>
  1242.             <protocol>tcp</protocol>
  1243.             <source>
  1244.                 <address>10.0.57.58</address>
  1245.             </source>
  1246.             <destination>
  1247.                 <address>10.246.9.10</address>
  1248.                 <port>3389</port>
  1249.             </destination>
  1250.             <descr>terminal services to encompass</descr>
  1251.         </rule>
  1252.         <rule>
  1253.             <type>pass</type>
  1254.             <interface>wan</interface>
  1255.             <protocol>tcp</protocol>
  1256.             <source>
  1257.                 <address>10.0.57.106</address>
  1258.             </source>
  1259.             <destination>
  1260.                 <address>10.246.9.10</address>
  1261.                 <port>3389</port>
  1262.             </destination>
  1263.             <descr>terminal services to encompass (randall 102005)</descr>
  1264.         </rule>
  1265.         <rule>
  1266.             <type>pass</type>
  1267.             <interface>wan</interface>
  1268.             <protocol>tcp</protocol>
  1269.             <source>
  1270.                 <address>10.0.119.18</address>
  1271.             </source>
  1272.             <destination>
  1273.                 <address>10.246.9.10</address>
  1274.                 <port>3389</port>
  1275.             </destination>
  1276.             <descr>terminal services to encompass</descr>
  1277.         </rule>
  1278.         <rule>
  1279.             <type>pass</type>
  1280.             <interface>wan</interface>
  1281.             <protocol>tcp</protocol>
  1282.             <source>
  1283.                 <address>10.0.119.118</address>
  1284.             </source>
  1285.             <destination>
  1286.                 <address>10.246.9.10</address>
  1287.                 <port>3389</port>
  1288.             </destination>
  1289.             <descr>terminal services to encompass</descr>
  1290.         </rule>
  1291.         <rule>
  1292.             <type>pass</type>
  1293.             <interface>wan</interface>
  1294.             <protocol>tcp</protocol>
  1295.             <source>
  1296.                 <address>10.0.57.58</address>
  1297.             </source>
  1298.             <destination>
  1299.                 <address>10.246.9.12</address>
  1300.                 <port>3389</port>
  1301.             </destination>
  1302.             <descr>terminal services to encompass</descr>
  1303.         </rule>
  1304.         <rule>
  1305.             <type>pass</type>
  1306.             <interface>wan</interface>
  1307.             <protocol>tcp</protocol>
  1308.             <source>
  1309.                 <address>10.0.57.106</address>
  1310.             </source>
  1311.             <destination>
  1312.                 <address>10.246.9.12</address>
  1313.                 <port>3389</port>
  1314.             </destination>
  1315.             <descr>terminal services to encompass (randall 102005)</descr>
  1316.         </rule>
  1317.         <rule>
  1318.             <type>pass</type>
  1319.             <interface>wan</interface>
  1320.             <protocol>tcp</protocol>
  1321.             <source>
  1322.                 <address>10.0.119.18</address>
  1323.             </source>
  1324.             <destination>
  1325.                 <address>10.246.9.12</address>
  1326.                 <port>3389</port>
  1327.             </destination>
  1328.             <descr>terminal services to encompass</descr>
  1329.         </rule>
  1330.         <rule>
  1331.             <type>pass</type>
  1332.             <interface>wan</interface>
  1333.             <protocol>tcp</protocol>
  1334.             <source>
  1335.                 <address>10.0.119.118</address>
  1336.             </source>
  1337.             <destination>
  1338.                 <address>10.246.9.12</address>
  1339.                 <port>3389</port>
  1340.             </destination>
  1341.             <descr>terminal services to encompass</descr>
  1342.         </rule>
  1343.         <rule>
  1344.             <type>pass</type>
  1345.             <interface>wan</interface>
  1346.             <protocol>tcp</protocol>
  1347.             <source>
  1348.                 <address>149.138.25.32/29</address>
  1349.             </source>
  1350.             <destination>
  1351.                 <address>10.246.9.10</address>
  1352.                 <port>3389</port>
  1353.             </destination>
  1354.             <descr>terminal services to encompass</descr>
  1355.         </rule>
  1356.         <rule>
  1357.             <type>pass</type>
  1358.             <interface>wan</interface>
  1359.             <protocol>tcp</protocol>
  1360.             <source>
  1361.                 <address>149.138.25.32/29</address>
  1362.             </source>
  1363.             <destination>
  1364.                 <address>10.246.9.10</address>
  1365.                 <port>5631</port>
  1366.             </destination>
  1367.             <descr>encompass (pcanywhere)</descr>
  1368.         </rule>
  1369.         <rule>
  1370.             <type>pass</type>
  1371.             <interface>wan</interface>
  1372.             <protocol>tcp</protocol>
  1373.             <source>
  1374.                 <address>149.138.25.32/29</address>
  1375.             </source>
  1376.             <destination>
  1377.                 <address>10.246.9.12</address>
  1378.                 <port>3389</port>
  1379.             </destination>
  1380.             <descr>terminal services to encompass</descr>
  1381.         </rule>
  1382.         <rule>
  1383.             <type>pass</type>
  1384.             <interface>wan</interface>
  1385.             <protocol>tcp</protocol>
  1386.             <source>
  1387.                 <address>149.138.25.32/29</address>
  1388.             </source>
  1389.             <destination>
  1390.                 <address>10.246.9.12</address>
  1391.                 <port>5631</port>
  1392.             </destination>
  1393.             <descr>encompass  (pcanywhere)</descr>
  1394.         </rule>
  1395.         <rule>
  1396.             <type>pass</type>
  1397.             <interface>wan</interface>
  1398.             <protocol>tcp</protocol>
  1399.             <source>
  1400.                 <any/>
  1401.             </source>
  1402.             <destination>
  1403.                 <address>10.246.9.30</address>
  1404.                 <port>22</port>
  1405.             </destination>
  1406.             <descr>allow ssh to mobiuslinux</descr>
  1407.         </rule>
  1408.         <rule>
  1409.             <type>pass</type>
  1410.             <interface>wan</interface>
  1411.             <protocol>tcp/udp</protocol>
  1412.             <source>
  1413.                 <address>10.246.0.10</address>
  1414.             </source>
  1415.             <destination>
  1416.                 <address>10.246.9.31</address>
  1417.                 <port>137-139</port>
  1418.             </destination>
  1419.             <descr>allow PDC to mobiuscontent</descr>
  1420.         </rule>
  1421.         <rule>
  1422.             <type>pass</type>
  1423.             <interface>wan</interface>
  1424.             <protocol>tcp/udp</protocol>
  1425.             <source>
  1426.                 <address>10.246.0.10</address>
  1427.             </source>
  1428.             <destination>
  1429.                 <address>10.246.9.32</address>
  1430.                 <port>137-139</port>
  1431.             </destination>
  1432.             <descr>allow PDC to mobiusweb</descr>
  1433.         </rule>
  1434.         <rule>
  1435.             <type>pass</type>
  1436.             <interface>wan</interface>
  1437.             <protocol>tcp/udp</protocol>
  1438.             <source>
  1439.                 <address>10.246.0.11</address>
  1440.             </source>
  1441.             <destination>
  1442.                 <address>10.246.9.31</address>
  1443.                 <port>137-139</port>
  1444.             </destination>
  1445.             <descr>allow WINS to mobiuscontent</descr>
  1446.         </rule>
  1447.         <rule>
  1448.             <type>pass</type>
  1449.             <interface>wan</interface>
  1450.             <protocol>tcp/udp</protocol>
  1451.             <source>
  1452.                 <address>10.246.0.11</address>
  1453.             </source>
  1454.             <destination>
  1455.                 <address>10.246.9.32</address>
  1456.                 <port>137-139</port>
  1457.             </destination>
  1458.             <descr>allow WINS to mobiusweb</descr>
  1459.         </rule>
  1460.         <rule>
  1461.             <type>pass</type>
  1462.             <interface>wan</interface>
  1463.             <protocol>tcp/udp</protocol>
  1464.             <source>
  1465.                 <address>10.246.0.111</address>
  1466.             </source>
  1467.             <destination>
  1468.                 <address>10.246.9.31</address>
  1469.                 <port>137-139</port>
  1470.             </destination>
  1471.             <descr>allow WINS to mobiuscontent</descr>
  1472.         </rule>
  1473.         <rule>
  1474.             <type>pass</type>
  1475.             <interface>wan</interface>
  1476.             <protocol>tcp/udp</protocol>
  1477.             <source>
  1478.                 <address>10.246.0.111</address>
  1479.             </source>
  1480.             <destination>
  1481.                 <address>10.246.9.32</address>
  1482.                 <port>137-139</port>
  1483.             </destination>
  1484.             <descr>allow WINS to mobiusweb</descr>
  1485.         </rule>
  1486.         <rule>
  1487.             <type>pass</type>
  1488.             <interface>wan</interface>
  1489.             <protocol>tcp/udp</protocol>
  1490.             <source>
  1491.                 <address>10.246.0.49</address>
  1492.             </source>
  1493.             <destination>
  1494.                 <address>10.246.9.31</address>
  1495.                 <port>2967</port>
  1496.             </destination>
  1497.             <descr>ntnorton to mobiuscontent</descr>
  1498.         </rule>
  1499.         <rule>
  1500.             <type>pass</type>
  1501.             <interface>wan</interface>
  1502.             <protocol>tcp/udp</protocol>
  1503.             <source>
  1504.                 <address>10.246.0.49</address>
  1505.             </source>
  1506.             <destination>
  1507.                 <address>10.246.9.32</address>
  1508.                 <port>2967</port>
  1509.             </destination>
  1510.             <descr>ntnorton to mobiusweb</descr>
  1511.         </rule>
  1512.         <rule>
  1513.             <type>pass</type>
  1514.             <interface>wan</interface>
  1515.             <protocol>tcp/udp</protocol>
  1516.             <source>
  1517.                 <address>10.246.0.49</address>
  1518.             </source>
  1519.             <destination>
  1520.                 <address>10.246.9.31</address>
  1521.                 <port>38293</port>
  1522.             </destination>
  1523.             <descr>ntnorton to mobiuscontent</descr>
  1524.         </rule>
  1525.         <rule>
  1526.             <type>pass</type>
  1527.             <interface>wan</interface>
  1528.             <protocol>tcp/udp</protocol>
  1529.             <source>
  1530.                 <address>10.246.0.49</address>
  1531.             </source>
  1532.             <destination>
  1533.                 <address>10.246.9.32</address>
  1534.                 <port>38293</port>
  1535.             </destination>
  1536.             <descr>ntnorton to mobiusweb</descr>
  1537.         </rule>
  1538.         <rule>
  1539.             <type>pass</type>
  1540.             <interface>wan</interface>
  1541.             <protocol>tcp</protocol>
  1542.             <source>
  1543.                 <any/>
  1544.             </source>
  1545.             <destination>
  1546.                 <address>10.246.9.31</address>
  1547.                 <port>5631</port>
  1548.             </destination>
  1549.             <descr>mobiuscontent pcanywhere</descr>
  1550.         </rule>
  1551.         <rule>
  1552.             <type>pass</type>
  1553.             <interface>wan</interface>
  1554.             <protocol>tcp/udp</protocol>
  1555.             <source>
  1556.                 <any/>
  1557.             </source>
  1558.             <destination>
  1559.                 <address>10.246.9.31</address>
  1560.                 <port>5632</port>
  1561.             </destination>
  1562.             <descr>mobiuscontent pcanywhere (file transfer) todd</descr>
  1563.         </rule>
  1564.         <rule>
  1565.             <type>pass</type>
  1566.             <interface>wan</interface>
  1567.             <protocol>tcp</protocol>
  1568.             <source>
  1569.                 <any/>
  1570.             </source>
  1571.             <destination>
  1572.                 <address>10.246.9.31</address>
  1573.                 <port>5900</port>
  1574.             </destination>
  1575.             <descr>mobiuscontent vnc</descr>
  1576.         </rule>
  1577.         <rule>
  1578.             <type>pass</type>
  1579.             <interface>wan</interface>
  1580.             <protocol>tcp</protocol>
  1581.             <source>
  1582.                 <any/>
  1583.             </source>
  1584.             <destination>
  1585.                 <address>10.246.9.32</address>
  1586.                 <port>5631</port>
  1587.             </destination>
  1588.             <descr>mobiusweb pcanywhere</descr>
  1589.         </rule>
  1590.         <rule>
  1591.             <type>pass</type>
  1592.             <interface>wan</interface>
  1593.             <protocol>tcp/udp</protocol>
  1594.             <source>
  1595.                 <any/>
  1596.             </source>
  1597.             <destination>
  1598.                 <address>10.246.9.32</address>
  1599.                 <port>5632</port>
  1600.             </destination>
  1601.             <descr>mobiusweb pcanywhere (file transfer) todd</descr>
  1602.         </rule>
  1603.         <rule>
  1604.             <type>pass</type>
  1605.             <interface>wan</interface>
  1606.             <protocol>tcp</protocol>
  1607.             <source>
  1608.                 <any/>
  1609.             </source>
  1610.             <destination>
  1611.                 <address>10.246.9.32</address>
  1612.                 <port>5900</port>
  1613.             </destination>
  1614.             <descr>mobiusweb vnc</descr>
  1615.         </rule>
  1616.         <rule>
  1617.             <type>pass</type>
  1618.             <interface>wan</interface>
  1619.             <protocol>tcp</protocol>
  1620.             <source>
  1621.                 <any/>
  1622.             </source>
  1623.             <destination>
  1624.                 <address>10.246.9.30</address>
  1625.                 <port>1521</port>
  1626.             </destination>
  1627.             <descr>mobiuslinux oracle access</descr>
  1628.         </rule>
  1629.         <rule>
  1630.             <type>pass</type>
  1631.             <interface>wan</interface>
  1632.             <protocol>tcp</protocol>
  1633.             <source>
  1634.                 <any/>
  1635.             </source>
  1636.             <destination>
  1637.                 <address>10.246.9.30</address>
  1638.                 <port>5500-5502</port>
  1639.             </destination>
  1640.             <descr>mobiuslinux oracle access</descr>
  1641.         </rule>
  1642.         <rule>
  1643.             <type>pass</type>
  1644.             <interface>wan</interface>
  1645.             <protocol>tcp</protocol>
  1646.             <source>
  1647.                 <any/>
  1648.             </source>
  1649.             <destination>
  1650.                 <address>10.246.9.30</address>
  1651.                 <port>1810</port>
  1652.             </destination>
  1653.             <descr>mobiuslinux oracle access</descr>
  1654.         </rule>
  1655.         <rule>
  1656.             <type>pass</type>
  1657.             <interface>wan</interface>
  1658.             <protocol>tcp</protocol>
  1659.             <source>
  1660.                 <any/>
  1661.             </source>
  1662.             <destination>
  1663.                 <address>10.246.9.30</address>
  1664.                 <port>1830-1831</port>
  1665.             </destination>
  1666.             <descr>mobiuslinux oracle access</descr>
  1667.         </rule>
  1668.         <rule>
  1669.             <type>pass</type>
  1670.             <interface>wan</interface>
  1671.             <protocol>tcp</protocol>
  1672.             <source>
  1673.                 <any/>
  1674.             </source>
  1675.             <destination>
  1676.                 <address>10.246.9.31</address>
  1677.                 <port>1540-1542</port>
  1678.             </destination>
  1679.             <descr>mobiuscontent oracle access</descr>
  1680.         </rule>
  1681.         <rule>
  1682.             <type>pass</type>
  1683.             <interface>wan</interface>
  1684.             <protocol>tcp</protocol>
  1685.             <source>
  1686.                 <any/>
  1687.             </source>
  1688.             <destination>
  1689.                 <address>10.246.9.31</address>
  1690.                 <port>2016</port>
  1691.             </destination>
  1692.             <descr>mobiuscontent oracle access (101105)</descr>
  1693.         </rule>
  1694.         <rule>
  1695.             <type>pass</type>
  1696.             <interface>wan</interface>
  1697.             <protocol>tcp</protocol>
  1698.             <source>
  1699.                 <address>10.245.1.1</address>
  1700.             </source>
  1701.             <destination>
  1702.                 <address>10.246.9.31</address>
  1703.             </destination>
  1704.             <descr>cmos390 to mobiuscontent (ftp - todd/cheryl)</descr>
  1705.         </rule>
  1706.         <rule>
  1707.             <type>pass</type>
  1708.             <interface>wan</interface>
  1709.             <protocol>tcp</protocol>
  1710.             <source>
  1711.                 <address>10.245.1.2</address>
  1712.             </source>
  1713.             <destination>
  1714.                 <address>10.246.9.31</address>
  1715.             </destination>
  1716.             <descr>y2k390 to mobiuscontent (ftp - todd/cheryl) 111005</descr>
  1717.         </rule>
  1718.         <rule>
  1719.             <type>pass</type>
  1720.             <interface>wan</interface>
  1721.             <protocol>tcp</protocol>
  1722.             <source>
  1723.                 <address>10.245.1.3</address>
  1724.             </source>
  1725.             <destination>
  1726.                 <address>10.246.9.31</address>
  1727.             </destination>
  1728.             <descr>sys390 to mobiuscontent (ftp - todd/cheryl) 111005</descr>
  1729.         </rule>
  1730.         <rule>
  1731.             <type>pass</type>
  1732.             <interface>wan</interface>
  1733.             <protocol>tcp</protocol>
  1734.             <source>
  1735.                 <address>10.0.119.33</address>
  1736.             </source>
  1737.             <destination>
  1738.                 <address>10.246.9.31</address>
  1739.             </destination>
  1740.             <descr>moya to mobiuscontent (ftp - todd/cheryl)</descr>
  1741.         </rule>
  1742.         <rule>
  1743.             <type>pass</type>
  1744.             <interface>wan</interface>
  1745.             <protocol>tcp</protocol>
  1746.             <source>
  1747.                 <address>10.0.118.56</address>
  1748.             </source>
  1749.             <destination>
  1750.                 <address>10.246.9.31</address>
  1751.             </destination>
  1752.             <descr>toodb to mobiuscontent (ftp temp) 111405</descr>
  1753.         </rule>
  1754.         <rule>
  1755.             <type>pass</type>
  1756.             <interface>wan</interface>
  1757.             <protocol>tcp</protocol>
  1758.             <source>
  1759.                 <any/>
  1760.             </source>
  1761.             <destination>
  1762.                 <address>10.246.9.32</address>
  1763.                 <port>8080</port>
  1764.             </destination>
  1765.             <descr>mobiusweb</descr>
  1766.         </rule>
  1767.         <rule>
  1768.             <type>pass</type>
  1769.             <interface>wan</interface>
  1770.             <protocol>tcp</protocol>
  1771.             <source>
  1772.                 <any/>
  1773.             </source>
  1774.             <destination>
  1775.                 <address>10.246.9.32</address>
  1776.                 <port>80</port>
  1777.             </destination>
  1778.             <descr>mobiusweb (todd 100505)</descr>
  1779.         </rule>
  1780.         <rule>
  1781.             <type>pass</type>
  1782.             <interface>wan</interface>
  1783.             <protocol>tcp</protocol>
  1784.             <source>
  1785.                 <any/>
  1786.             </source>
  1787.             <destination>
  1788.                 <address>10.246.9.30</address>
  1789.                 <port>1581-1583</port>
  1790.             </destination>
  1791.             <descr>mobiuslinux (102505) tivoli webclient</descr>
  1792.             <disabled/>
  1793.         </rule>
  1794.         <rule>
  1795.             <type>pass</type>
  1796.             <interface>wan</interface>
  1797.             <protocol>tcp</protocol>
  1798.             <source>
  1799.                 <address>10.245.0.42</address>
  1800.             </source>
  1801.             <destination>
  1802.                 <network>lan</network>
  1803.                 <port>5900</port>
  1804.             </destination>
  1805.             <descr>lamarr (computer room) vnc (111405)</descr>
  1806.         </rule>
  1807.         <rule>
  1808.             <type>pass</type>
  1809.             <interface>wan</interface>
  1810.             <protocol>tcp</protocol>
  1811.             <source>
  1812.                 <address>10.245.0.42</address>
  1813.             </source>
  1814.             <destination>
  1815.                 <network>lan</network>
  1816.                 <port>3389</port>
  1817.             </destination>
  1818.             <descr>lamarr (computer room) terminal services (111405)</descr>
  1819.         </rule>
  1820.         <rule>
  1821.             <type>pass</type>
  1822.             <interface>wan</interface>
  1823.             <protocol>tcp</protocol>
  1824.             <source>
  1825.                 <address>10.245.0.42</address>
  1826.             </source>
  1827.             <destination>
  1828.                 <network>lan</network>
  1829.                 <port>5631</port>
  1830.             </destination>
  1831.             <descr>lamarr (computer room) pcanywhere (111405)</descr>
  1832.         </rule>
  1833.         <rule>
  1834.             <type>pass</type>
  1835.             <interface>wan</interface>
  1836.             <protocol>tcp</protocol>
  1837.             <source>
  1838.                 <address>10.0.119.181</address>
  1839.             </source>
  1840.             <destination>
  1841.                 <network>lan</network>
  1842.                 <port>5900</port>
  1843.             </destination>
  1844.             <descr>lamarr vnc (111405)</descr>
  1845.         </rule>
  1846.         <rule>
  1847.             <type>pass</type>
  1848.             <interface>wan</interface>
  1849.             <protocol>tcp</protocol>
  1850.             <source>
  1851.                 <address>10.0.119.181</address>
  1852.             </source>
  1853.             <destination>
  1854.                 <network>lan</network>
  1855.                 <port>3389</port>
  1856.             </destination>
  1857.             <descr>lamarr terminal services (111405)</descr>
  1858.         </rule>
  1859.         <rule>
  1860.             <type>pass</type>
  1861.             <interface>wan</interface>
  1862.             <protocol>tcp</protocol>
  1863.             <source>
  1864.                 <address>10.0.119.181</address>
  1865.             </source>
  1866.             <destination>
  1867.                 <network>lan</network>
  1868.                 <port>5631</port>
  1869.             </destination>
  1870.             <descr>lamarr pcanywhere (111405)</descr>
  1871.         </rule>
  1872.         <rule>
  1873.             <type>reject</type>
  1874.             <interface>wan</interface>
  1875.             <source>
  1876.                 <any/>
  1877.             </source>
  1878.             <destination>
  1879.                 <any/>
  1880.             </destination>
  1881.             <log/>
  1882.             <descr>reject any non matching</descr>
  1883.         </rule>
  1884.         <rule>
  1885.             <type>pass</type>
  1886.             <interface>lan</interface>
  1887.             <source>
  1888.                 <any/>
  1889.             </source>
  1890.             <destination>
  1891.                 <any/>
  1892.             </destination>
  1893.             <descr>allow all (test rule)</descr>
  1894.             <disabled/>
  1895.         </rule>
  1896.         <rule>
  1897.             <type>pass</type>
  1898.             <interface>lan</interface>
  1899.             <protocol>icmp</protocol>
  1900.             <source>
  1901.                 <any/>
  1902.             </source>
  1903.             <destination>
  1904.                 <any/>
  1905.             </destination>
  1906.             <descr>allow pings</descr>
  1907.         </rule>
  1908.         <rule>
  1909.             <type>pass</type>
  1910.             <interface>lan</interface>
  1911.             <protocol>tcp</protocol>
  1912.             <source>
  1913.                 <network>lan</network>
  1914.             </source>
  1915.             <destination>
  1916.                 <address>10.245.0.55</address>
  1917.                 <port>3128</port>
  1918.             </destination>
  1919.             <descr>squid proxy</descr>
  1920.         </rule>
  1921.         <rule>
  1922.             <type>pass</type>
  1923.             <interface>lan</interface>
  1924.             <protocol>tcp</protocol>
  1925.             <source>
  1926.                 <any/>
  1927.             </source>
  1928.             <destination>
  1929.                 <any/>
  1930.                 <port>23</port>
  1931.             </destination>
  1932.             <descr>allow telnet</descr>
  1933.         </rule>
  1934.         <rule>
  1935.             <type>pass</type>
  1936.             <interface>lan</interface>
  1937.             <protocol>tcp</protocol>
  1938.             <source>
  1939.                 <any/>
  1940.             </source>
  1941.             <destination>
  1942.                 <any/>
  1943.                 <port>22</port>
  1944.             </destination>
  1945.             <descr>allow ssh</descr>
  1946.         </rule>
  1947.         <rule>
  1948.             <type>pass</type>
  1949.             <interface>lan</interface>
  1950.             <protocol>udp</protocol>
  1951.             <source>
  1952.                 <any/>
  1953.             </source>
  1954.             <destination>
  1955.                 <any/>
  1956.                 <port>123</port>
  1957.             </destination>
  1958.             <descr>allow ntp</descr>
  1959.         </rule>
  1960.         <rule>
  1961.             <type>pass</type>
  1962.             <interface>lan</interface>
  1963.             <protocol>udp</protocol>
  1964.             <source>
  1965.                 <any/>
  1966.             </source>
  1967.             <destination>
  1968.                 <address>192.168.7.36</address>
  1969.                 <port>53</port>
  1970.             </destination>
  1971.             <descr>dns</descr>
  1972.         </rule>
  1973.         <rule>
  1974.             <type>pass</type>
  1975.             <interface>lan</interface>
  1976.             <protocol>udp</protocol>
  1977.             <source>
  1978.                 <any/>
  1979.             </source>
  1980.             <destination>
  1981.                 <address>192.168.7.37</address>
  1982.                 <port>53</port>
  1983.             </destination>
  1984.             <descr>dns</descr>
  1985.         </rule>
  1986.         <rule>
  1987.             <type>pass</type>
  1988.             <interface>lan</interface>
  1989.             <protocol>tcp</protocol>
  1990.             <source>
  1991.                 <address>10.246.9.2</address>
  1992.             </source>
  1993.             <destination>
  1994.                 <address>10.245.0.155</address>
  1995.                 <port>3128</port>
  1996.             </destination>
  1997.             <descr>medmined proxy access (webx)</descr>
  1998.             <disabled/>
  1999.         </rule>
  2000.         <rule>
  2001.             <type>pass</type>
  2002.             <interface>lan</interface>
  2003.             <protocol>tcp</protocol>
  2004.             <source>
  2005.                 <address>10.246.9.2</address>
  2006.                 <port>20</port>
  2007.             </source>
  2008.             <destination>
  2009.                 <any/>
  2010.             </destination>
  2011.             <descr>medmined ftp access</descr>
  2012.         </rule>
  2013.         <rule>
  2014.             <type>pass</type>
  2015.             <interface>lan</interface>
  2016.             <protocol>tcp</protocol>
  2017.             <source>
  2018.                 <address>10.246.9.2</address>
  2019.             </source>
  2020.             <destination>
  2021.                 <address>64.23.81.158</address>
  2022.             </destination>
  2023.             <descr>medmined passive ftp</descr>
  2024.         </rule>
  2025.         <rule>
  2026.             <type>pass</type>
  2027.             <interface>lan</interface>
  2028.             <protocol>tcp</protocol>
  2029.             <source>
  2030.                 <address>10.246.9.2</address>
  2031.             </source>
  2032.             <destination>
  2033.                 <address>199.72.30.59</address>
  2034.             </destination>
  2035.             <descr>medmined passive ftp</descr>
  2036.         </rule>
  2037.         <rule>
  2038.             <type>pass</type>
  2039.             <interface>lan</interface>
  2040.             <protocol>tcp</protocol>
  2041.             <source>
  2042.                 <address>10.246.9.2</address>
  2043.             </source>
  2044.             <destination>
  2045.                 <address>66.182.142.82</address>
  2046.             </destination>
  2047.             <descr>medmined passive ftp</descr>
  2048.         </rule>
  2049.         <rule>
  2050.             <type>pass</type>
  2051.             <interface>lan</interface>
  2052.             <protocol>tcp</protocol>
  2053.             <source>
  2054.                 <address>10.246.9.2</address>
  2055.             </source>
  2056.             <destination>
  2057.                 <address>207.157.43.66</address>
  2058.             </destination>
  2059.             <descr>medmined passive ftp</descr>
  2060.         </rule>
  2061.         <rule>
  2062.             <type>pass</type>
  2063.             <interface>lan</interface>
  2064.             <protocol>tcp</protocol>
  2065.             <source>
  2066.                 <address>10.246.9.3</address>
  2067.             </source>
  2068.             <destination>
  2069.                 <address>10.0.67.0/24</address>
  2070.             </destination>
  2071.             <descr>pdx to employee pharmancy (101405)</descr>
  2072.         </rule>
  2073.         <rule>
  2074.             <type>pass</type>
  2075.             <interface>lan</interface>
  2076.             <protocol>tcp</protocol>
  2077.             <source>
  2078.                 <address>10.246.9.3</address>
  2079.             </source>
  2080.             <destination>
  2081.                 <any/>
  2082.                 <port>5500</port>
  2083.             </destination>
  2084.             <descr>employee pharmancy to amerisource</descr>
  2085.         </rule>
  2086.         <rule>
  2087.             <type>pass</type>
  2088.             <interface>lan</interface>
  2089.             <protocol>tcp</protocol>
  2090.             <source>
  2091.                 <address>10.246.9.3</address>
  2092.             </source>
  2093.             <destination>
  2094.                 <any/>
  2095.                 <port>18000</port>
  2096.             </destination>
  2097.             <descr>employee pharmancy to amerisource</descr>
  2098.         </rule>
  2099.         <rule>
  2100.             <type>pass</type>
  2101.             <interface>lan</interface>
  2102.             <protocol>tcp</protocol>
  2103.             <source>
  2104.                 <address>10.246.9.3</address>
  2105.             </source>
  2106.             <destination>
  2107.                 <any/>
  2108.                 <port>1723</port>
  2109.             </destination>
  2110.             <descr>employee pharmancy to amerisource</descr>
  2111.         </rule>
  2112.         <rule>
  2113.             <type>pass</type>
  2114.             <interface>lan</interface>
  2115.             <protocol>tcp</protocol>
  2116.             <source>
  2117.                 <address>10.246.9.3</address>
  2118.             </source>
  2119.             <destination>
  2120.                 <address>206.197.159.9</address>
  2121.             </destination>
  2122.             <descr>employee pharmancy to amerisource</descr>
  2123.         </rule>
  2124.         <rule>
  2125.             <type>pass</type>
  2126.             <interface>lan</interface>
  2127.             <protocol>tcp</protocol>
  2128.             <source>
  2129.                 <address>10.246.9.3</address>
  2130.             </source>
  2131.             <destination>
  2132.                 <address>10.0.67.223</address>
  2133.             </destination>
  2134.             <descr>employee pharmancy printer</descr>
  2135.         </rule>
  2136.         <rule>
  2137.             <type>pass</type>
  2138.             <interface>lan</interface>
  2139.             <protocol>icmp</protocol>
  2140.             <source>
  2141.                 <address>10.246.9.3</address>
  2142.             </source>
  2143.             <destination>
  2144.                 <address>10.0.67.223</address>
  2145.             </destination>
  2146.             <descr>employee pharmancy printer</descr>
  2147.         </rule>
  2148.         <rule>
  2149.             <type>pass</type>
  2150.             <interface>lan</interface>
  2151.             <protocol>tcp</protocol>
  2152.             <source>
  2153.                 <address>10.246.9.12</address>
  2154.             </source>
  2155.             <destination>
  2156.                 <address>10.248.0.20</address>
  2157.                 <port>7100</port>
  2158.             </destination>
  2159.             <descr>lab system connections</descr>
  2160.         </rule>
  2161.         <rule>
  2162.             <type>pass</type>
  2163.             <interface>lan</interface>
  2164.             <protocol>tcp</protocol>
  2165.             <source>
  2166.                 <address>10.246.9.12</address>
  2167.             </source>
  2168.             <destination>
  2169.                 <address>10.248.0.20</address>
  2170.                 <port>7200</port>
  2171.             </destination>
  2172.             <descr>lab system connections</descr>
  2173.         </rule>
  2174.         <rule>
  2175.             <type>pass</type>
  2176.             <interface>lan</interface>
  2177.             <protocol>tcp</protocol>
  2178.             <source>
  2179.                 <any/>
  2180.             </source>
  2181.             <destination>
  2182.                 <address>10.245.0.55</address>
  2183.                 <port>3128</port>
  2184.             </destination>
  2185.             <descr>lab system connections</descr>
  2186.             <disabled/>
  2187.         </rule>
  2188.         <rule>
  2189.             <type>pass</type>
  2190.             <interface>lan</interface>
  2191.             <source>
  2192.                 <any/>
  2193.             </source>
  2194.             <destination>
  2195.                 <address>10.245.0.49</address>
  2196.             </destination>
  2197.             <descr>pc anywhere / terminal services</descr>
  2198.         </rule>
  2199.         <rule>
  2200.             <type>pass</type>
  2201.             <interface>lan</interface>
  2202.             <protocol>udp</protocol>
  2203.             <source>
  2204.                 <any/>
  2205.             </source>
  2206.             <destination>
  2207.                 <address>10.245.0.11</address>
  2208.                 <port>137</port>
  2209.             </destination>
  2210.             <descr>pc anywhere / terminal services</descr>
  2211.         </rule>
  2212.         <rule>
  2213.             <type>pass</type>
  2214.             <interface>lan</interface>
  2215.             <protocol>tcp/udp</protocol>
  2216.             <source>
  2217.                 <any/>
  2218.             </source>
  2219.             <destination>
  2220.                 <any/>
  2221.                 <port>3389</port>
  2222.             </destination>
  2223.             <descr>terminal services</descr>
  2224.         </rule>
  2225.         <rule>
  2226.             <type>pass</type>
  2227.             <interface>lan</interface>
  2228.             <protocol>tcp</protocol>
  2229.             <source>
  2230.                 <any/>
  2231.             </source>
  2232.             <destination>
  2233.                 <any/>
  2234.                 <port>5631</port>
  2235.             </destination>
  2236.             <descr>pc anywhere</descr>
  2237.         </rule>
  2238.         <rule>
  2239.             <type>pass</type>
  2240.             <interface>lan</interface>
  2241.             <protocol>tcp</protocol>
  2242.             <source>
  2243.                 <address>10.246.9.0/24</address>
  2244.             </source>
  2245.             <destination>
  2246.                 <address>192.168.7.139</address>
  2247.                 <port>1500</port>
  2248.             </destination>
  2249.             <frags/>
  2250.             <descr>tivoli (110405)</descr>
  2251.         </rule>
  2252.         <rule>
  2253.             <type>pass</type>
  2254.             <interface>lan</interface>
  2255.             <protocol>tcp</protocol>
  2256.             <source>
  2257.                 <address>10.246.9.0/24</address>
  2258.             </source>
  2259.             <destination>
  2260.                 <address>192.168.7.139</address>
  2261.                 <port>1580-1581</port>
  2262.             </destination>
  2263.             <descr>tivoli (121205)</descr>
  2264.         </rule>
  2265.         <rule>
  2266.             <type>pass</type>
  2267.             <interface>lan</interface>
  2268.             <protocol>tcp</protocol>
  2269.             <source>
  2270.                 <address>10.246.9.0/24</address>
  2271.             </source>
  2272.             <destination>
  2273.                 <address>10.249.0.1</address>
  2274.                 <port>1500</port>
  2275.             </destination>
  2276.             <frags/>
  2277.             <descr>tivoli (110405)</descr>
  2278.         </rule>
  2279.         <rule>
  2280.             <type>pass</type>
  2281.             <interface>lan</interface>
  2282.             <protocol>tcp</protocol>
  2283.             <source>
  2284.                 <address>10.246.9.0/24</address>
  2285.             </source>
  2286.             <destination>
  2287.                 <address>10.249.0.1</address>
  2288.                 <port>1580-1581</port>
  2289.             </destination>
  2290.             <descr>tivoli (110405)</descr>
  2291.         </rule>
  2292.         <rule>
  2293.             <type>pass</type>
  2294.             <interface>lan</interface>
  2295.             <protocol>tcp/udp</protocol>
  2296.             <source>
  2297.                 <address>10.246.9.31</address>
  2298.             </source>
  2299.             <destination>
  2300.                 <address>10.246.0.10</address>
  2301.                 <port>137-139</port>
  2302.             </destination>
  2303.             <descr>allow mobiuslcontent to PDC</descr>
  2304.         </rule>
  2305.         <rule>
  2306.             <type>pass</type>
  2307.             <interface>lan</interface>
  2308.             <protocol>tcp/udp</protocol>
  2309.             <source>
  2310.                 <address>10.246.9.32</address>
  2311.             </source>
  2312.             <destination>
  2313.                 <address>10.246.0.10</address>
  2314.                 <port>137-139</port>
  2315.             </destination>
  2316.             <descr>allow mobiusweb to PDC</descr>
  2317.         </rule>
  2318.         <rule>
  2319.             <type>pass</type>
  2320.             <interface>lan</interface>
  2321.             <protocol>tcp/udp</protocol>
  2322.             <source>
  2323.                 <address>10.246.9.31</address>
  2324.             </source>
  2325.             <destination>
  2326.                 <address>10.246.0.11</address>
  2327.                 <port>137-139</port>
  2328.             </destination>
  2329.             <descr>allow mobiuscontent to PDC</descr>
  2330.         </rule>
  2331.         <rule>
  2332.             <type>pass</type>
  2333.             <interface>lan</interface>
  2334.             <protocol>tcp/udp</protocol>
  2335.             <source>
  2336.                 <address>10.246.9.32</address>
  2337.             </source>
  2338.             <destination>
  2339.                 <address>10.246.0.11</address>
  2340.                 <port>137-139</port>
  2341.             </destination>
  2342.             <descr>allow mobiusweb to PDC</descr>
  2343.         </rule>
  2344.         <rule>
  2345.             <type>pass</type>
  2346.             <interface>lan</interface>
  2347.             <protocol>tcp/udp</protocol>
  2348.             <source>
  2349.                 <address>10.246.9.31</address>
  2350.             </source>
  2351.             <destination>
  2352.                 <address>10.246.0.111</address>
  2353.                 <port>137-139</port>
  2354.             </destination>
  2355.             <descr>allow mobiuscontent to PDC</descr>
  2356.         </rule>
  2357.         <rule>
  2358.             <type>pass</type>
  2359.             <interface>lan</interface>
  2360.             <protocol>tcp/udp</protocol>
  2361.             <source>
  2362.                 <address>10.246.9.32</address>
  2363.             </source>
  2364.             <destination>
  2365.                 <address>10.246.0.111</address>
  2366.                 <port>137-139</port>
  2367.             </destination>
  2368.             <descr>allow mobiusweb to PDC</descr>
  2369.         </rule>
  2370.         <rule>
  2371.             <type>pass</type>
  2372.             <interface>lan</interface>
  2373.             <protocol>tcp/udp</protocol>
  2374.             <source>
  2375.                 <address>10.246.9.31</address>
  2376.             </source>
  2377.             <destination>
  2378.                 <address>10.246.0.49</address>
  2379.                 <port>2967</port>
  2380.             </destination>
  2381.             <descr>allow mobiuslcontent to ntnorton</descr>
  2382.         </rule>
  2383.         <rule>
  2384.             <type>pass</type>
  2385.             <interface>lan</interface>
  2386.             <protocol>tcp/udp</protocol>
  2387.             <source>
  2388.                 <address>10.246.9.32</address>
  2389.             </source>
  2390.             <destination>
  2391.                 <address>10.246.0.49</address>
  2392.                 <port>2967</port>
  2393.             </destination>
  2394.             <descr>allow mobiusweb to ntnorton</descr>
  2395.         </rule>
  2396.         <rule>
  2397.             <type>pass</type>
  2398.             <interface>lan</interface>
  2399.             <protocol>tcp/udp</protocol>
  2400.             <source>
  2401.                 <address>10.246.9.31</address>
  2402.             </source>
  2403.             <destination>
  2404.                 <address>10.246.0.49</address>
  2405.                 <port>38293</port>
  2406.             </destination>
  2407.             <descr>allow mobiuslcontent to ntnorton</descr>
  2408.         </rule>
  2409.         <rule>
  2410.             <type>pass</type>
  2411.             <interface>lan</interface>
  2412.             <protocol>tcp/udp</protocol>
  2413.             <source>
  2414.                 <address>10.246.9.32</address>
  2415.             </source>
  2416.             <destination>
  2417.                 <address>10.246.0.49</address>
  2418.                 <port>38293</port>
  2419.             </destination>
  2420.             <descr>allow mobiusweb to ntnorton</descr>
  2421.         </rule>
  2422.         <rule>
  2423.             <type>pass</type>
  2424.             <interface>lan</interface>
  2425.             <protocol>tcp</protocol>
  2426.             <source>
  2427.                 <address>10.246.9.31</address>
  2428.             </source>
  2429.             <destination>
  2430.                 <address>10.245.1.1</address>
  2431.             </destination>
  2432.             <descr>mobiuscontent to cmos930 (ftp)</descr>
  2433.         </rule>
  2434.         <rule>
  2435.             <type>pass</type>
  2436.             <interface>lan</interface>
  2437.             <protocol>tcp</protocol>
  2438.             <source>
  2439.                 <address>10.246.9.31</address>
  2440.             </source>
  2441.             <destination>
  2442.                 <address>10.245.1.2</address>
  2443.             </destination>
  2444.             <descr>mobiuscontent to y2k930 (ftp) 111005</descr>
  2445.         </rule>
  2446.         <rule>
  2447.             <type>pass</type>
  2448.             <interface>lan</interface>
  2449.             <protocol>tcp</protocol>
  2450.             <source>
  2451.                 <address>10.246.9.31</address>
  2452.             </source>
  2453.             <destination>
  2454.                 <address>10.245.1.3</address>
  2455.             </destination>
  2456.             <descr>mobiuscontent to sys930 (ftp) 111005</descr>
  2457.         </rule>
  2458.         <rule>
  2459.             <type>pass</type>
  2460.             <interface>lan</interface>
  2461.             <protocol>tcp</protocol>
  2462.             <source>
  2463.                 <address>10.246.9.31</address>
  2464.             </source>
  2465.             <destination>
  2466.                 <address>10.0.119.33</address>
  2467.             </destination>
  2468.             <descr>mobiuscontent to moya (ftp)</descr>
  2469.         </rule>
  2470.         <rule>
  2471.             <type>pass</type>
  2472.             <interface>lan</interface>
  2473.             <protocol>tcp</protocol>
  2474.             <source>
  2475.                 <address>10.246.9.31</address>
  2476.             </source>
  2477.             <destination>
  2478.                 <address>10.0.118.56</address>
  2479.             </destination>
  2480.             <descr>mobiuscontent to toddb (ftp tmp) 111405</descr>
  2481.         </rule>
  2482.         <rule>
  2483.             <type>pass</type>
  2484.             <interface>lan</interface>
  2485.             <protocol>tcp</protocol>
  2486.             <source>
  2487.                 <address>10.246.9.30</address>
  2488.             </source>
  2489.             <destination>
  2490.                 <address>10.240.0.5</address>
  2491.                 <port>25</port>
  2492.             </destination>
  2493.             <descr>mobiuslinux sendmail to todd (110905)</descr>
  2494.         </rule>
  2495.         <rule>
  2496.             <type>reject</type>
  2497.             <interface>lan</interface>
  2498.             <source>
  2499.                 <any/>
  2500.             </source>
  2501.             <destination>
  2502.                 <any/>
  2503.             </destination>
  2504.             <log/>
  2505.             <descr>reject any non matching</descr>
  2506.         </rule>
  2507.         <tcpidletimeout/>
  2508.     </filter>
  2509.     <shaper/>
  2510.     <ipsec/>
  2511.     <aliases/>
  2512.     <proxyarp/>
  2513.     <wol/>
  2514.     <lastchange>1134420732</lastchange>
  2515. </m0n0wall>

Update the Post

Either update this post and resubmit it with changes, or make a new post.

You may also comment on this post.

update paste below
details of the post (optional)

Note: Only the paste content is required, though the following information can be useful to others.

Save name / title?

(space separated, optional)



Please note that information posted here will expire by default in one month. If you do not want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords. All illegal activities will be reported and any information will be handed over to the authorities, so be good.

comments powered by Disqus
worth-right
worth-right
worth-right