Lines Matching full:allow

266 # the entire rule set.  Allow established tcp connections through,
275 add 01000 allow tcp from any to any established
276 add 01001 allow all from any to any out via fxp0
277 add 01001 allow all from any to any out via fxp1
278 add 01001 allow all from any to any out via fxp2
305 #add 01010 allow all from 10.0.0.0/8 to 10.0.0.0/8
306 #add 01011 allow all from 192.100.5.0/24 to 192.100.5.0/24
311 # If using a more restrictive firewall, allow specific LANs
317 add 01012 allow tcp from 10.0.1.0/8 to 10.0.1.1 139
318 add 01012 allow udp from 10.0.1.0/8 to 10.0.1.1 137,138
322 # We allow specific UDP services through: DNS lookups, ntalk, and ntp.
326 # to allow UDP fragments or larger fragmented UDP packets will
335 add 02000 allow udp from any to any 4000-65535,domain,ntalk,ntp
336 add 02500 allow udp from any to any frag
338 # Allow similar services for TCP.  Again, these only apply to
339 # services bound to exposed addresses.  NOTE: we allow 'auth'
345 # Note that we do not allow tcp fragments through, and that we do
346 # not allow fragments in general (except for UDP fragments).  We
350 add 03000 allow tcp from any to any http,https
351 add 03000 allow tcp from any to any 4000-65535,ssh,smtp,domain,ntalk
352 add 03000 allow tcp from any to any auth,pop3,ftp,ftp-data
354 # It is important to allow certain ICMP types through, here is a list
369 # Sometimes people need to allow ICMP REDIRECT packets, which is
370 # type 5, but if you allow it make sure that your Internet router
373 add 04000 allow icmp from any to any icmptypes 0,3,8,11,12,13,14