HOME


sh-3ll 1.0
DIR:/lib/firewalld/zones/
Upload File :
Current File : //lib/firewalld/zones/LW_STAFF.xml
<?xml version="1.0" encoding="utf-8"?>
<zone target="ACCEPT">
  <short>LW_STAFF</short>
  <description>Firewall rules required to allow Liquid Web staff access to your server. These must be present on all supported servers. Dropping these rules may negate support.</description>

  
  <!-- zone ranges - lw-office-staff -->
  <source address="10.20.4.0/22" />
  <source address="50.28.76.132/32" />
  <source address="2607:fad0:32:a03::/64" />
  <source address="10.30.4.0/22" />
  <source address="10.30.104.0/24" />
  <source address="2607:fad0:32:a02::/64" />
  <!-- zone ranges - sa-office-staff -->
  <source address="10.255.234.128/25" />
  <source address="10.255.235.0/25" />
  <source address="10.255.235.128/26" />
  <source address="10.255.235.192/26" />
  <source address="10.255.236.64/26" />
  <source address="10.255.236.128/26" />
  <source address="10.255.236.192/26" />
  <!-- zone ranges - sa-cs-vpn -->
  <source address="10.255.233.128/25" />
  <!-- zone ranges - intl-team -->
  <source address="10.20.44.0/22" />
  <source address="10.255.227.0/24" />
  <source address="192.168.94.0/24" />
  <!-- zone ranges - workbench -->
  <source address="69.167.129.192/28" />
  <!-- zone ranges - dc3-syseng -->
  <source address="10.30.104.0/24" />
  <!-- zone ranges - mellon_jumpboxes -->
  <!-- zone ranges - bifrost-tunnel -->
  <source address="10.64.0.13/32" />
  <source address="10.64.96.24/32" />
  <source address="10.64.32.173/32" />
  <source address="10.64.16.34/32" />
  <source address="10.64.160.20/32" />
  <source address="10.64.64.16/32" />
  <source address="10.64.128.23/32" />
  <source address="10.64.144.12/32" />
  <source address="10.75.32.15/32" />
  <source address="10.75.16.13/32" />
  <source address="10.75.64.25/32" />
  <source address="10.75.48.21/32" />
  <source address="10.75.96.12/32" />
  <source address="10.79.165.30/32" />
  <source address="10.79.118.251/32" />
  <source address="207.32.190.51/32" />
  <source address="10.75.112.2/32" />
  <source address="185.145.13.79/32" />
  <source address="10.67.2.78/32" />
  <source address="10.75.128.110/32" />
  <source address="10.72.66.194/32" />
  <source address="10.75.145.159/32" />
  <source address="192.240.191.2/32" />
  <!-- zone ranges - managed hosting other -->
  <source address="209.126.25.175/32" />
  <source address="208.69.120.31/32" />
  <source address="172.17.194.102/32" />
  <source address="172.27.224.3/32" />
  <source address="10.64.0.215/32" />
  <source address="209.126.31.103/32" />
  <source address="10.64.32.43/32" />
  <source address="10.64.0.9/32" />
  <source address="69.160.55.103/32" />
  <source address="66.51.154.178/32" />
  <source address="208.69.120.33/32" />
  <source address="172.17.194.116/32" />
  <source address="209.126.25.207/32" />
  <source address="209.126.24.34/32" />
  <!-- zone ranges - dc3-qa -->
  <source address="10.30.2.128/25" />

  <!-- services to allow -->
  <rule><accept/><service name="ssh" /></rule>
  <rule><accept/><service name="smtp" /></rule>
  <rule><accept/><service name="http" /></rule>
  <rule><accept/><service name="https" /></rule>

  <!-- custom cPanel ports to allow -->
  <rule><accept/><port port="2083" protocol="tcp"/></rule>
  <rule><accept/><port port="2087" protocol="tcp"/></rule>
  <rule><accept/><port port="2096" protocol="tcp"/></rule>

  <!-- custom plesk ports -->
  <rule><accept/><port port="8443" protocol="tcp"/></rule>

  <!-- custom interworx ports -->
  <rule><accept/><port port="2443" protocol="tcp"/></rule>

  <!-- ping services to allow -->
  <rule><accept/><icmp-type name="echo-request" /></rule>
  <rule><accept/><icmp-type name="echo-reply" /></rule>
</zone>