update-firewall-source/examples/config.ini.example

[DEFAULT]
target = ACCEPT
addr =
ports = 80, 443
proto = tcp
state = NEW
hitcount =
do_ipv6 = false
firewalld_direct_file_abs = /etc/firewalld/direct.xml
restart_firewalld_after_change = true

[anyone-may-icmp-with-limit]
addr =
ports =
proto = icmp
state = NEW,UNTRACKED
hitcount = 120/60

[anyone-can-access-website]

# Unsetting 'proto' while having a 'ports' value results in an invalid section
# [these-guys-can-dns]
# addr = google.li, 142.251.36.195, lowendbox.com, 2606:4700:20::ac43:4775
# ports = 53
# proto =
# do_ipv6 = true

[maybe-a-webserver]
addr = 2606:4700:20::681a:804, lowendtalk.com
ports = 80, 443
do_ipv6 = true

[anyone-may-access-mail-services]
ports = 143, 993, 110, 995, 25, 465, 587
hitcount = 120/60

[deny-all]
target = DROP
addr =
ports =
proto =
state =
do_ipv6 = true
feat(app): Initial commit 2022-06-18 02:32:46 +02:00			`[DEFAULT]`
			`target = ACCEPT`
			`addr =`
			`ports = 80, 443`
			`proto = tcp`
feat(config): Add iptables connection state options 2022-07-05 04:46:30 +02:00			`state = NEW`
docs(config): Update example config.ini with hitcount and ICMP settings 2022-07-16 02:11:21 +02:00			`hitcount =`
feat(config): Add iptables connection state options 2022-07-05 04:46:30 +02:00			`do_ipv6 = false`
			`firewalld_direct_file_abs = /etc/firewalld/direct.xml`
feat(app): Add globals and how to deal with them 2022-06-20 23:52:03 +02:00			`restart_firewalld_after_change = true`
feat(app): Initial commit 2022-06-18 02:32:46 +02:00
docs(config): Update example config.ini with hitcount and ICMP settings 2022-07-16 02:11:21 +02:00			`[anyone-may-icmp-with-limit]`
			`addr =`
			`ports =`
			`proto = icmp`
			`state = NEW,UNTRACKED`
			`hitcount = 120/60`

feat(app): Initial commit 2022-06-18 02:32:46 +02:00			`[anyone-can-access-website]`

docs(config): In example config.ini file comment out an invalid section to better differentiate it from valid sections 2022-07-05 04:45:23 +02:00			`# Unsetting 'proto' while having a 'ports' value results in an invalid section`
			`# [these-guys-can-dns]`
			`# addr = google.li, 142.251.36.195, lowendbox.com, 2606:4700:20::ac43:4775`
			`# ports = 53`
			`# proto =`
			`# do_ipv6 = true`
feat(app): Initial commit 2022-06-18 02:32:46 +02:00
			`[maybe-a-webserver]`
			`addr = 2606:4700:20::681a:804, lowendtalk.com`
			`ports = 80, 443`
docs(config): Give example usage for a section that needs IPv6 rules 2022-07-05 04:45:15 +02:00			`do_ipv6 = true`
feat(app): Initial commit 2022-06-18 02:32:46 +02:00
docs(config): Update example config.ini with hitcount and ICMP settings 2022-07-16 02:11:21 +02:00			`[anyone-may-access-mail-services]`
feat(app): Initial commit 2022-06-18 02:32:46 +02:00			`ports = 143, 993, 110, 995, 25, 465, 587`
docs(config): Update example config.ini with hitcount and ICMP settings 2022-07-16 02:11:21 +02:00			`hitcount = 120/60`
feat(app): Initial commit 2022-06-18 02:32:46 +02:00
			`[deny-all]`
fix(rule): Default drop-packet rule must use 'DROP' target 2022-06-18 02:41:04 +02:00			`target = DROP`
feat(app): Initial commit 2022-06-18 02:32:46 +02:00			`addr =`
			`ports =`
			`proto =`
docs(config): Warn user that a trailing target=DROP rule is sensible 2022-07-05 04:45:41 +02:00			`state =`
			`do_ipv6 = true`