From 9814104f876a1086b317489a9ca5e227e9e68d41 Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen
Date: Tue, 1 May 2012 05:52:31 +0000
Subject: add sample policy file
---
sample-policy.json | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
create mode 100644 sample-policy.json
diff --git a/sample-policy.json b/sample-policy.json
new file mode 100644
index 0000000..73850c3
--- /dev/null
+++ b/sample-policy.json
@@ -0,0 +1,40 @@
+{
+ "variable": { "internet_if": "eth0" },
+
+ "zone": {
+ "internet": { "iface": "$internet_if" }
+ },
+
+ "policy": [
+ { "in": "internet", "action": "drop" },
+ { "action": "reject" }
+ ]
+
+ "filter": [
+ {
+ "in": "internet",
+ "service": "ping",
+ "action": "accept",
+ "flow-limit": { "count": 10, "interval": 6 }
+ },
+ {
+ "in": "internet",
+ "out": "_fw",
+ "service": "ssh",
+ "action": "accept",
+ "conn-limit": { "count": 3, "interval": 60 }
+ },
+
+ {
+ "in": "_fw",
+ "out": "internet",
+ "service": [ "dns", "http", "ntp" ],
+ "action": "accept"
+ },
+ {
+ "in": "_fw",
+ "service": [ "ping", "ssh" ],
+ "action": "accept"
+ }
+ ]
+}
-- cgit v1.2.3
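Review bot: The `]` that closes the `"policy"` array is not followed by a comma before `"filter"`, so the sample is not valid JSON and a strict parser will reject the whole file; that line should read `],`. Because this is the file people will copy as a starting firewall policy, it is worth running it through a JSON validator or the project's own loader before it lands. Separately, the ping rule names `"in": "internet"` without an `"out"`, which presumably matches traffic towards every zone and not only the firewall host. If only `_fw` is intended, adding `"out": "_fw"` as the ssh rule does would make the exposure explicit.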