Current Eagle Firewall Configurations

Visual Raptor Configuration
Version 3.2

Current Configuration Settings
for Raptor Eagle Gateway FIREDOG

Generic Settings

Eagle Version Eagle V5.0.3

Features Enabled eagle-100 gateway vpn des hawk SRL

Licence Key i67qrvV%i.?FR?EH+

Windows_NT Eagle Version 5

Current interface settings

Configured Interfaces
Interface IP-Address Descrip. Internal Publ. Addr. Spoof Prot.for Multicast Synflood Portscan Input Filter Output Filter

Elnk32 x.x.x.201 0 0 0 1

Elnk31 10.1.4.81 1 Universe* 0 0 0

Current Defined Filters

Defined single Filters
Name Descrip. Action from (A) to (B) Services

udp-filter Allow INTERNAL-user Universe* A->B UDP
B->A UDP
A->B netbios_137_udp
A->B netbios_138_udp
A->B netbios_139_udp

udp-filter1 Allow INTERNAL-user INTERNAL-user A->B UDP

Current firewall users defined
Filename = gwpasswd

Defined Users
NAME PASSWORD USER ID PRIM GROUP ID DESCRIPTION

yaj 0099 setid3421

lxm 0099 menys6189

Gateway Group Entities
Filename = gwgroup

User Group Definitions
NAME DESCRIPTION GROUP ID GUEST

admin Administrator 2

ftp-users FTP Users 301 bobgrt

intranet web_access 302 web

power Power 300

skey_0-24 Skey 0 - 24 108

skey_6-22 Skey 6 - 22 106

skey_6-24 Skey 6 - 24 107

Current GSP firewall configuration for proxies
Filename used = gsp.cf

Generic Proxy Services Configuration
PORT # PROTOCOL HOST PORT OPTION

1202 tcp 10.7.4.85 1202

8881 tcp 10.1.4.63 8881

8882 tcp 10.1.4.65 8882

8883 tcp 10.1.4.64 8883

Current firewall entity configuration
Filename = pkentity

Defined Network Entities
NAME TYPE DESCRIPTION ADDRESS MASK/MEMBERS

CAI_ftp_patch_site subnet Download patches from CAI 141.202.253.0 8

EXTERNAL_FTP group 2 MicroFocus_ftp FTP1 FTP3 FTP4 FTP5 CAI_FTP_SITE FTP2 HP_PATCHES_SERVER CAI_ftp_patch_site

FTP1 host ps.boulder.ibm.com

FTP2 subnet 129.34.139.0 8

FTP3 host IBM FTP SERVER 204.146.133.203

FTP4 subnet 204.146.167.0 8

FTP5 subnet Boulder IBM FTP Servers 198.17.57.0 8

HP_PATCHES_SERVER host HP Support Server us-support.external.hp.com

IBM_host_link_access host www2.ibmlink.ibm.com

INTERNAL-user subnet All Internal Clients 10.1.0.0 16

Custom Services Configuration
Filename = pkservices

Defined Custom Services
NAME DESCRIPTION PROTOCOL GATEWAY ALERT PREAMBLE SERVER PORT

Chatting Chat on 6667 app_6667 {} 0 0 {} {}

Chatting-excite Chat on 1533 app_1533 {} 0 0 {} {}

POP3_tcp Allow POP3 connection app_TCP_110 {} 0 0 10.1.4.67 110

Remote_print Remote connection to remote printer printer {} 0 0 {} {}

Stream_Cam_Proxy Stream Cam Proxy Stream_Cam {} 0 0 {} {}

TCP_1202

TCP_1503 app_TCP_1503 {} 0 0 {} {}

TCP_1731 app_TCP_1731 {} 0 0 {} {}

TCP_3304 0 0 {} {}

TCP_3307 0 0 {} {}

TCP_345 app_TCP_345 {} 0 0 x.x.x.50 345

TCP_5190 0 0 {} {}

TCP_522 app_TCP_522 {} 0 0 {} {}

TCP_5999 XPath File Transfer app_TCP_5999 {} 0 0 10.1.1.159 5999

TCP_7070 app_TCP_7070 {} 0 0 {} {}

TCP_8881

TCP_8882

TCP_8883

TCP_8884 p390 / IP address was 10.1.4.60 app_TCP_8884 firedog 0 0 10.6.2.10 8884

TCP_8885

TCP_8887

app_3000 3000 access tcp_3000 {} 0 0 {} {}

app_3024 3024 access tcp_3024 {} 0 0 {} {}

gsp_TCP_nntp app_TCP_nntp {} 0 0 {} {}

pc_5631 pc anywhrer tcp 5631 pc_tcp_5631 {} 0 0 {} {}

pc_5632 pc anywhrer udp 5632 pc_udp_5632 firedog 0 0 10.1.0.1 5632

Current firewall redirected services defined
Filename = pkamap

Defined Redirected Services
SERVER GSP SOURCE DESTINATION PORT

firedog app_TCP_1503 x.x.x.64 10.1.2.104 1503

firedog app_TCP_1503 x.x.x.63 10.1.2.109 1503

firedog app_TCP_1503 x.x.x.65 10.1.2.100 1503

firedog app_TCP_1731 x.x.x.64 10.1.2.104 1731

firedog app_TCP_1731 x.x.x.63 10.1.2.109 1731

firedog app_TCP_1731 x.x.x.65 10.1.2.100 1731

firedog app_TCP_522 x.x.x.63 10.1.2.109 522

firedog app_TCP_522 x.x.x.64 10.1.2.104 522

firedog app_TCP_522 x.x.x.65 10.1.2.100 522

firedog ftp x.x.x.63 10.1.4.64 21

firedog ftp-data x.x.x.63 10.1.4.64 20

firedog http x.x.x.100 10.1.4.57 80

firedog http x.x.x.63 10.1.4.77 80

firedog http x.x.x.201 10.1.4.66 80

Configuration Variables
Filename = config.cf

Variables Not Set to Default
NAME Set To

httpd 1

gopherd 1

telnetd 1

ftpd 1

srld Disable

dnsd 0

notifyd Enable

nsetupd Enable

smtpd 1

vpnd Enable

xntpd 0

readhawk Enable

readeagle Enable

gwproxy Enable

gwcontrol Enable

passer Enable

tacacsd Enable

realaudio 1

visualizer 0

eagleslave Enable

fetcher Disable

logdir \Raptor\Eagle\sg

reverse_lookup 0

reverse_lookup_allow_mismatch True

telnetd.timeout 36000

notifyd.modem_device COM2

stats.log_names On

stats.log_gwcontrol 0

httpd.sfg_port 8080

cifsd 1

nntpd 1

sfpgw 1

VPN Defined Configuration
DESCR. TUNNEL ENDPOINT A TUNNEL ENDPOINT B ENCRYPTION KEYS AH/ESP INDEX A AH/ESP INDEX B FILTER TUNNEL / TRANSPORT MODES

VPN N to Test Network sec-n sec-test 1211 1121 0
VPN N to M Office sec-n sec-m rc2 0xh1998 113 131 0
VPN N to H Office sec-n sec-p rc2 0xg1998 112 121 0

Gateway Access Rules Configuration
Filename = gateway.cf

Gateway Rules Configured
THRESHOLDS SOURCEs DEFINED DESTINATION GSP/RULES

10.0.0.0&24 # x.x.x.0 (ftp http http-allurl http-allext ruleid.249 noauth)

195.143.145.34 # 10.7.4.85 (telnet ruleid.197 noauth)

195.143.151.0&5 # 10.7.4.85 (telnet ruleid.224 noauth)

0.0.0.0 # 10.7.4.85 (telnet ruleid.235 auth=[gwpasswd] user=[bjfee bobh])

0.0.0.0 # 10.7.4.85 (telnet ruleid.28 auth=[skey] group=[skey_0-24 skey_6-22 skey_6-24])

137.237.1.135 # 10.1.4.64 (ftp telnet ruleid.239 noauth)

0.0.0.0 # 10.1.4.60 (telnet ruleid.238 auth=[gwpasswd] user=[bjfee])

10.1.0.0&16 # 141.202.248.0 (ftp ruleid.213 noauth)

10.1.0.0&16 # 141.202.253.0 (ftp ruleid.214 noauth)

192.107.137.65 # 10.1.1.159 (5999/tcp ruleid.229 noauth)

38.227.188.3 # 10.1.0.0 (http http-allurl http-allext ruleid.147 noauth)

195.143.145.34 # 10.1.0.0 (telnet ruleid.196 noauth)

0.0.0.0 # 10.1.0.0 (telnet ruleid.172 auth=[gwpasswd] user=[bobbyb])

5,10,20,50,200 0.0.0.0 # 10.1.0.0 (1202/tcp ruleid.53 noauth)

0.0.0.0 # 10.1.0.0 (1503/tcp 1731/tcp 522/tcp ruleid.127 noauth)

0.0.0.0 # 10.1.4.77 (http http-allext http-allurl http-https ruleid.61 noauth)

0.0.0.0 # 10.1.4.66 (http http-allext http-allurl http-https ruleid.55 auth=[gwpasswd] group=[intranet])

3,5,10,25,100 129.35.0.0&16 # 0.0.0.0 (3000/tcp 3024/tcp ruleid.145 noauth)

3,5,10,25,100 10.1.0.1 # 0.0.0.0 (5631/tcp 5632/udp ruleid.142 noauth)

10.1.1.167 # 0.0.0.0 (1503/tcp 1731/tcp 522/tcp ruleid.206 noauth)

10.1.1.159 # 0.0.0.0 (5999/tcp ruleid.264 noauth)

10.1.0.0&16 # 0.0.0.0 (486/tcp ruleid.128 noauth)

10.1.0.0&16 # 0.0.0.0 (1503/tcp 1731/tcp 522/tcp ruleid.29 noauth)

10.1.0.0&16 # 0.0.0.0 (110/tcp smtp ruleid.68 noauth)

3,5,10,25,100 10.1.0.0&16 # 0.0.0.0 (515/tcp ruleid.170 noauth)

10.1.0.0&16 # 0.0.0.0 (realaudio ruleid.132 noauth)

3,5,10,25,100 10.1.0.0&16 # 0.0.0.0 (ftp ruleid.164 auth=[gwpasswd] user=[coredev])

10.1.0.0&16 # 0.0.0.0 (telnet ruleid.47 noauth)

3,5,10,25,100 10.1.0.0&16 # 0.0.0.0 (5190/tcp ruleid.151 noauth)

10.1.0.0&16 # 0.0.0.0 (nntp ruleid.30 noauth)

3,5,10,25,100 129.35.8.32 # 10.1.4.84 # 10.1.1.166 # 10.1.0.1 # 10.1.4.66 # 10.1.1.105 # 10.1.1.167 # 10.1.1.187 # 10.1.1.150 # 0.0.0.0 (ftp ruleid.124 noauth)

10.0.0.0&24 # 0.0.0.0 (6667/tcp 1533/tcp ruleid.108 noauth)

10.0.0.0&24 # 0.0.0.0 (3304/tcp 3307/tcp ruleid.242 noauth)

0.0.0.0 # 10.1.4.57 (http http-https http-ftp http-allurl http-allext ruleid.218 noauth)

0.0.0.0 # 10.1.4.67 (110/tcp ruleid.88 noauth)

129.35.0.0&16 # 10.0.0.0 (telnet ruleid.114 noauth)

5,10,20,50,200 0.0.0.0 # 10.0.0.0 (8881/tcp 8882/tcp 8883/tcp 8884/tcp 8885/tcp 8887/tcp ruleid.32 noauth)

FTP Message of the Day
Filename = ftp_motd

Gateway Message of the Day
Filename = gateway_motd

****** Private Network ***************
This is a private network.
*****************************************

Report provided by www.netsecadmin.com
For more information or customization,
contact Bobby Brown e-mail: bbrown@netsecadmin.com

Eagle Version	Eagle V5.0.3
Features Enabled	eagle-100 gateway vpn des hawk SRL
Licence Key	i67qrvV%i.?FR?EH+
Windows_NT Eagle	Version 5

Configured Interfaces
Interface	IP-Address	Descrip.	Internal	Publ. Addr.	Spoof Prot.for	Multicast	Synflood	Portscan	Input Filter	Output Filter
Elnk32	x.x.x.201		0			0	0	1
Elnk31	10.1.4.81		1	Universe*		0	0	0

Defined single Filters
Name	Descrip.	Action	from (A)	to (B)	Services
udp-filter		Allow	INTERNAL-user	Universe*	A->B UDP B->A UDP A->B netbios_137_udp A->B netbios_138_udp A->B netbios_139_udp
udp-filter1		Allow	INTERNAL-user	INTERNAL-user	A->B UDP

Defined Users
NAME	PASSWORD	USER ID	PRIM GROUP ID	DESCRIPTION
yaj	0099	setid3421
lxm	0099	menys6189

User Group Definitions
NAME	DESCRIPTION	GROUP ID	GUEST
admin	Administrator	2
ftp-users	FTP Users	301	bobgrt
intranet	web_access	302	web
power	Power	300
skey_0-24	Skey 0 - 24	108
skey_6-22	Skey 6 - 22	106
skey_6-24	Skey 6 - 24	107

Generic Proxy Services Configuration
PORT #	PROTOCOL	HOST	PORT	OPTION
1202	tcp	10.7.4.85	1202
8881	tcp	10.1.4.63	8881
8882	tcp	10.1.4.65	8882
8883	tcp	10.1.4.64	8883

Defined Network Entities
NAME	TYPE	DESCRIPTION	ADDRESS	MASK/MEMBERS
CAI_ftp_patch_site	subnet	Download patches from CAI	141.202.253.0	8
EXTERNAL_FTP	group		2	MicroFocus_ftp FTP1 FTP3 FTP4 FTP5 CAI_FTP_SITE FTP2 HP_PATCHES_SERVER CAI_ftp_patch_site
FTP1	host		ps.boulder.ibm.com
FTP2	subnet		129.34.139.0	8
FTP3	host	IBM FTP SERVER	204.146.133.203
FTP4	subnet		204.146.167.0	8
FTP5	subnet	Boulder IBM FTP Servers	198.17.57.0	8
HP_PATCHES_SERVER	host	HP Support Server	us-support.external.hp.com
IBM_host_link_access	host		www2.ibmlink.ibm.com
INTERNAL-user	subnet	All Internal Clients	10.1.0.0	16

Defined Redirected Services
SERVER	GSP	SOURCE	DESTINATION	PORT
firedog	app_TCP_1503	x.x.x.64	10.1.2.104	1503
firedog	app_TCP_1503	x.x.x.63	10.1.2.109	1503
firedog	app_TCP_1503	x.x.x.65	10.1.2.100	1503
firedog	app_TCP_1731	x.x.x.64	10.1.2.104	1731
firedog	app_TCP_1731	x.x.x.63	10.1.2.109	1731
firedog	app_TCP_1731	x.x.x.65	10.1.2.100	1731
firedog	app_TCP_522	x.x.x.63	10.1.2.109	522
firedog	app_TCP_522	x.x.x.64	10.1.2.104	522
firedog	app_TCP_522	x.x.x.65	10.1.2.100	522
firedog	ftp	x.x.x.63	10.1.4.64	21
firedog	ftp-data	x.x.x.63	10.1.4.64	20
firedog	http	x.x.x.100	10.1.4.57	80
firedog	http	x.x.x.63	10.1.4.77	80
firedog	http	x.x.x.201	10.1.4.66	80

Variables Not Set to Default
NAME	Set To
httpd	1
gopherd	1
telnetd	1
ftpd	1
srld	Disable
dnsd	0
notifyd	Enable
nsetupd	Enable
smtpd	1
vpnd	Enable
xntpd	0
readhawk	Enable
readeagle	Enable
gwproxy	Enable
gwcontrol	Enable
passer	Enable
tacacsd	Enable
realaudio	1
visualizer	0
eagleslave	Enable
fetcher	Disable
logdir	\Raptor\Eagle\sg
reverse_lookup	0
reverse_lookup_allow_mismatch	True
telnetd.timeout	36000
notifyd.modem_device	COM2
stats.log_names	On
stats.log_gwcontrol	0
httpd.sfg_port	8080
cifsd	1
nntpd	1
sfpgw	1

VPN Defined Configuration
DESCR.	TUNNEL ENDPOINT A	TUNNEL ENDPOINT B	ENCRYPTION	KEYS	AH/ESP INDEX A	AH/ESP INDEX B	FILTER	TUNNEL / TRANSPORT MODES
VPN N to Test Network	sec-n	sec-test			1211	1121		0
VPN N to M Office	sec-n	sec-m	rc2	0xh1998	113	131		0
VPN N to H Office	sec-n	sec-p	rc2	0xg1998	112	121		0

Gateway Rules Configured
THRESHOLDS	SOURCEs DEFINED	DESTINATION	GSP/RULES
	10.0.0.0&24 #	x.x.x.0	(ftp http http-allurl http-allext ruleid.249 noauth)
	195.143.145.34 #	10.7.4.85	(telnet ruleid.197 noauth)
	195.143.151.0&5 #	10.7.4.85	(telnet ruleid.224 noauth)
	0.0.0.0 #	10.7.4.85	(telnet ruleid.235 auth=[gwpasswd] user=[bjfee bobh])
	0.0.0.0 #	10.7.4.85	(telnet ruleid.28 auth=[skey] group=[skey_0-24 skey_6-22 skey_6-24])
	137.237.1.135 #	10.1.4.64	(ftp telnet ruleid.239 noauth)
	0.0.0.0 #	10.1.4.60	(telnet ruleid.238 auth=[gwpasswd] user=[bjfee])
	10.1.0.0&16 #	141.202.248.0	(ftp ruleid.213 noauth)
	10.1.0.0&16 #	141.202.253.0	(ftp ruleid.214 noauth)
	192.107.137.65 #	10.1.1.159	(5999/tcp ruleid.229 noauth)
	38.227.188.3 #	10.1.0.0	(http http-allurl http-allext ruleid.147 noauth)
	195.143.145.34 #	10.1.0.0	(telnet ruleid.196 noauth)
	0.0.0.0 #	10.1.0.0	(telnet ruleid.172 auth=[gwpasswd] user=[bobbyb])
5,10,20,50,200	0.0.0.0 #	10.1.0.0	(1202/tcp ruleid.53 noauth)
	0.0.0.0 #	10.1.0.0	(1503/tcp 1731/tcp 522/tcp ruleid.127 noauth)
	0.0.0.0 #	10.1.4.77	(http http-allext http-allurl http-https ruleid.61 noauth)
	0.0.0.0 #	10.1.4.66	(http http-allext http-allurl http-https ruleid.55 auth=[gwpasswd] group=[intranet])
3,5,10,25,100	129.35.0.0&16 #	0.0.0.0	(3000/tcp 3024/tcp ruleid.145 noauth)
3,5,10,25,100	10.1.0.1 #	0.0.0.0	(5631/tcp 5632/udp ruleid.142 noauth)
	10.1.1.167 #	0.0.0.0	(1503/tcp 1731/tcp 522/tcp ruleid.206 noauth)
	10.1.1.159 #	0.0.0.0	(5999/tcp ruleid.264 noauth)
	10.1.0.0&16 #	0.0.0.0	(486/tcp ruleid.128 noauth)
	10.1.0.0&16 #	0.0.0.0	(1503/tcp 1731/tcp 522/tcp ruleid.29 noauth)
	10.1.0.0&16 #	0.0.0.0	(110/tcp smtp ruleid.68 noauth)
3,5,10,25,100	10.1.0.0&16 #	0.0.0.0	(515/tcp ruleid.170 noauth)
	10.1.0.0&16 #	0.0.0.0	(realaudio ruleid.132 noauth)
3,5,10,25,100	10.1.0.0&16 #	0.0.0.0	(ftp ruleid.164 auth=[gwpasswd] user=[coredev])
	10.1.0.0&16 #	0.0.0.0	(telnet ruleid.47 noauth)
3,5,10,25,100	10.1.0.0&16 #	0.0.0.0	(5190/tcp ruleid.151 noauth)
	10.1.0.0&16 #	0.0.0.0	(nntp ruleid.30 noauth)
3,5,10,25,100	129.35.8.32 # 10.1.4.84 # 10.1.1.166 # 10.1.0.1 # 10.1.4.66 # 10.1.1.105 # 10.1.1.167 # 10.1.1.187 # 10.1.1.150 #	0.0.0.0	(ftp ruleid.124 noauth)
	10.0.0.0&24 #	0.0.0.0	(6667/tcp 1533/tcp ruleid.108 noauth)
	10.0.0.0&24 #	0.0.0.0	(3304/tcp 3307/tcp ruleid.242 noauth)
	0.0.0.0 #	10.1.4.57	(http http-https http-ftp http-allurl http-allext ruleid.218 noauth)
	0.0.0.0 #	10.1.4.67	(110/tcp ruleid.88 noauth)
	129.35.0.0&16 #	10.0.0.0	(telnet ruleid.114 noauth)
5,10,20,50,200	0.0.0.0 #	10.0.0.0	(8881/tcp 8882/tcp 8883/tcp 8884/tcp 8885/tcp 8887/tcp ruleid.32 noauth)