Rules

Outbound Services

	#	Enable	Service Name	Action	LAN Users	WAN Servers	Log
	1		SNMP-TRAPS	BLOCK always	Any	Any	Match
	2		SNMP	BLOCK always	Any	Any	Match
	3		Back_Orifice	BLOCK always	Any	Any	Match
	4		ms-sql-s/m	BLOCK always	Any	Any	Match
	5		School_Bus	BLOCK always	Any	Any	Match
	6		NetBus	BLOCK always	Any	Any	Match
	7		Bagle_Bkdr	BLOCK always	Any	Any	Match
	8		BioNet	BLOCK always	Any	Any	Match
	9		RingZero	BLOCK always	Any	Any	Match
	10		SubSeven	BLOCK always	Any	Any	Match
	11		SubSeven_2	BLOCK always	Any	Any	Match
	12		Socks	BLOCK always	Any	Any	Match
	13		MyDoom_bkdr2	BLOCK always	Any	Any	Match
	14		MyDoom_bkdr	BLOCK always	Any	Any	Match
	15		BOOTP_SERVER	BLOCK always	Any	Any	Never
	16		BOOTP_CLIENT	BLOCK always	Any	Any	Never
	17		Prts_NetBios	BLOCK always	Any	Any	Match
	18		Microsoft-DS	BLOCK always	Any	Any	Match
	Default	Yes	Any	ALLOW always	Any	Any	Never

Inbound Services

	#	Enable	Service Name	Action	LAN Server IP address	WAN Users	Log
	1		SK_2	ALLOW always	192.168.0.3	Any	Match
	2		Sk	ALLOW always	192.168.0.3	Any	Match
	3		FTP	ALLOW always	192.168.0.3	Any	Match
	4		FTP Passif	ALLOW always	192.168.0.3	Any	Match
	5		HTTP	ALLOW always	192.168.0.3	Any	Match
	6		ICQ Transf	ALLOW always	192.168.0.3	Any	Never
	7		Trillian Srv	ALLOW always	192.168.0.3	Any	Never
	8		IRC Transf	ALLOW always	192.168.0.3	Any	Never
	9		Battle.Net	ALLOW always	192.168.0.3	Any	Match
	10		Roger Wilco	ALLOW always	192.168.0.3	Any	Match
	11		netmeeting_1	ALLOW always	192.168.0.3	Any	Match
	12		netmeeting_2	ALLOW always	192.168.0.3	Any	Match
	13		netmeeting_3	ALLOW always	192.168.0.3	Any	Match
	Default	Yes	Any	BLOCK always	--	Any	Match

Default DMZ Server

...

Respond to Ping on Internet (WAN) Port

Enable VPN Passthrough (IPSec, PPTP, L2TP)

Drop fragmented IP packets

Block TCP flood

Block UDP flood

Block non-standard packets