home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 35 Internet
/
35-Internet.zip
/
sf11b70.zip
/
sfire.smp
< prev
Wrap
Text File
|
1999-08-03
|
3KB
|
127 lines
;
; Sample configuration file for SafeFire.
;
; Copy it to SFIRE.CFG to put it to work.
;
; Most variables have reasonable default values
;
[nat] ;Network Address Translation configuration parameters
; This variable enables NAT. By default NAT is ON
;enable=yes
; This variable enables assembling packets before translation
;defragment=yes
; This variable enables forwarding of packets ignored by NAT
;forward_ignored=no
; This variables reduces set of internal IP's which will be translated
; to three ranges (see RFC1918):
; 10.0.0.0 -> 10.255.255.255
; 172.16.0.0 -> 172.31.255.255
; 192.168.0.0 -> 192.168.255.255
;
; By default this value is ON.
;private_net=yes
[ident] ; Internal IDENT server configuration
; This variable enables internal IDENTD
;enable=yes
;
; In general response looks like following:
; 123, 12345: USERID: OS/2: os2user
;
; Following variable determines last part of response
;user=os2user
[portmap] ; Port mapping rules. NOTE: Portmapper requires enabled NAT!
; This variable can be mentioned more than once, i.e. you can define as many
; port mappings as you wish by adding appropriate 'rule' variable.
;
; Each rule is described by two pairs addr:port as in following example:
;
; rule = 123.45.67.89:80,192.168.1.1:8080
;
; This rule will redirect all connections going trough SafeFire to
; host 123.45.67.89 and port 80 (www) to host 192.168.1.1 and port 8080.
; You can use 0 in the place of first address if host is the same
; where SafeFire is running
; By default rules are empty
;rule=
[filter] ; Packet filter
; This variable enables packet filter
;enable=no
; This variable can be mentioned more than once, i.e. you can define as many
; rules as you wish by adding appropriate 'rule' variable.
;
; Each rule is described using following syntax (refer to documentation
; for more details):
; rule = [number] action proto src dst [extra[,...]]
;
; action: {allow|accept|permit} | {deny|drop|reject}
;
; proto : {all|ip|tcp|udp|icmp}
;
; src : from [not] {any|ip[{/bits|:mask}]} [{port|port-port},[port],...]
; dst : to [not] {any|ip[{/bits|:mask}]} [{port|port-port},[port],...]
;
; extra : {fragment|in|out|established|setup|flags}
; flags : tcpflags [!]{syn|fin|rst|ack|psh|urg},...
;
;rule=
[key] ; License key section
;name=
;key=
[remote]
; Remote Control section
;
; Order of checks: allow, deny
; If address of remote falls under conditions of allow and does not match
; anything in 'deny' then connection is accepted.
; All other cases only logged and connections are not permitted
;
; Format of rule (either deny and allow):
;
; any|ip[{/bits|:mask}]
;
; NOTE: connections from address 127.0.0.1 are always enabled,
; unless port is set to 0.
;enable = yes
;port = 1021
;allow =
;deny =
; NOTE: this is NOT a default values.
; By default remote access is disabled because of empty rule sets.
;
;userid = "userid"
;password = "password"
[log]
;console=yes
;level=7
[dhcp]
;interval=5
[device]
;mode=0
;name=SFIRE1$