NDC Logical Firewall Rule Generator    (Version 3.13 Variation 172,e10)

Note: the rules generated by this version 3 rule generator are significantly different from those generated by version 1. If you made any manual edits to version 1 rules, they will probably need work. If you're not yet ready to upgrade, follow this link to the most recent version 1 rule generator.

Similarly, but to a lesser extent, If you manually changed either the "MASQUERADING_NAT=" line or the "state ESTABLISHED" line in the tables file generated with a version 2 rule generator, you may need to undo that prior to your first (and only your first) use of "gui-paste" with output from this version 3 rule generator. For your convenience, if you're not yet ready to upgrade, follow this link to the most recent version 2 rule generator.


To begin,

EITHER:  enter the public/routable IP address of your firewall and the netmask for that subnet:

                    IP:  NETMASK:  and its 172. address: 

                    and campus public nets with 172 connectivity: 

                    and its extra-10-net IP: 10.0. and NETMASK: 

OR:  upload the "tables" file from a previous session: 

And then or else


Please enter a valid IP and netmask specification or upload a "tables" file previously generated by cgi script Revision 1.50 or newer.


Corey Satten

Home Page