summaryrefslogtreecommitdiffstats
path: root/templates/02_workstation_template.tkmfgrs
diff options
context:
space:
mode:
Diffstat (limited to 'templates/02_workstation_template.tkmfgrs')
-rw-r--r--templates/02_workstation_template.tkmfgrs43
1 files changed, 43 insertions, 0 deletions
diff --git a/templates/02_workstation_template.tkmfgrs b/templates/02_workstation_template.tkmfgrs
new file mode 100644
index 0000000..7702051
--- /dev/null
+++ b/templates/02_workstation_template.tkmfgrs
@@ -0,0 +1,43 @@
+<!DOCTYPE kmyfirewall-ruleset>
+<kmfgrs>
+<netzone guiName="Incoming Connections" id="13" name="incoming_world" description="This is the global zone that contains
+all valid IP addresses." >
+ <fromIP address="0.0.0.0" />
+ <netMask address="0" />
+<protocol logging="yes" limit="1/second" io="OUTGOING" id="19" name="SSH" description="Protocol used to enable a secure remote shell connection." >
+ <port protocol="TCP" num="22" />
+</protocol>
+</netzone>
+<netzone guiName="Outgoing Connections" id="14" name="outgoing_world" description="This is the global zone that contains
+all valid IP addresses." >
+ <fromIP address="0.0.0.0" />
+ <netMask address="0" />
+</netzone>
+<netzone guiName="Forbidden Clients" id="17" name="badClients_hosts" description="Hosts in this zone will not be able
+to use services your computer provides." >
+ <fromIP address="0.0.0.0" />
+ <netMask address="0" />
+</netzone>
+<netzone guiName="Forbidden Servers" id="18" name="badServers_hosts" description="You will not be able to use the services
+of the hosts in that list." >
+ <fromIP address="0.0.0.0" />
+ <netMask address="0" />
+</netzone>
+<netzone guiName="Malicious Hosts" id="16" name="malicious_hosts" description="Traffic coming from and going to hosts
+will be dropped always." >
+ <fromIP address="0.0.0.0" />
+ <netMask address="0" />
+</netzone>
+<netzone guiName="Trusted Hosts" id="15" name="trusted_hosts" description="Traffic coming from and going to hosts
+will be accepted always.
+Only add really trusted Hosts to this Zone" >
+ <fromIP address="0.0.0.0" />
+ <netMask address="0" />
+</netzone>
+ <abstract restrictOutgoingConnections="bool:off" allowIncomingConnections="bool:on" name="Workstation Template" description="Simple configuration for an typical workstation environment.
+Just allow ssh connections from other hosts." />
+ <logging logPrefix="KMF: " logDropped="bool:on" limitLog="bool:on" />
+ <icmp limitPingReply="bool:on" allowPingReply="bool:on" />
+ <nat natAddress="0.0.0.0" useMasquerade="bool:off" useNat="bool:off" outgoingInterface="bool:off" />
+</kmfgrs>
+
generated by cgit v1.2.1 (git 2.18.0) at 2024-12-14 16:12:47 +0000