# Generated by Network Security Policy Compiler, version 2.453

# [ BEGIN router:x ]
# [ Model = Linux ]
# [ Routing ]
! route network:f -> interface:v.b
ip route add 10.1.5.0/24 via 10.1.2.4
! route network:0/0 -> interface:y1.b.virtual
ip route add 0.0.0.0/0 via 10.1.2.22
# [ ACL ]
#!/sbin/iptables-restore <<EOF
*filter
:INPUT DROP
:FORWARD DROP
:OUTPUT ACCEPT
:eth0_self -
:eth0_in -
:eth1_self -
:eth1_in -
:c1 -
:droplog -
-A droplog -j LOG --log-level debug
-A droplog -j DROP
-A c1 -j ACCEPT -d 125.1.2.0/24
-A c1 -j ACCEPT -d 10.1.255.0/24
-A c1 -j ACCEPT -d 10.1.3.0/24

# interface:x.a
-A eth0_in -g c1 -s 125.1.1.10 -d 0.0.0.0/1 -p icmp --icmp-type 8

# interface:x.b

-A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED
-A INPUT -j eth0_self -i eth0 
-A INPUT -j eth1_self -i eth1 
-A INPUT -j droplog
-A FORWARD -j ACCEPT -m state --state ESTABLISHED,RELATED
-A FORWARD -j eth0_in -i eth0
-A FORWARD -j eth1_in -i eth1
-A FORWARD -j droplog
COMMIT
EOF
# [ END router:x ]

