Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick 2700 Configuration: Difference between revisions

← Older editNewer edit →
Content deleted Content added
CrazyTeeka (talk | contribs)
editor
426 edits
No edit summary
CrazyTeeka (talk | contribs)
editor
426 edits
No edit summary
Line 291: Line 291:


=Firewall=
=Firewall=

Here are pre-written firewall rules:

==Steam Client==
==Steam Client==

These static DNS entries help keep the IP addresses matched to the ones in the firewall:


<syntaxhighlight>
<syntaxhighlight>
<dns resolvers="2001:8b0::2020 2001:8b0::2021 217.169.20.20 217.169.20.21">
<dns resolvers="2001:8b0::2020 2001:8b0::2021 217.169.20.20 217.169.20.21">
<host name="api.steampowered.com" ip="173.223.184.147"/>
<host name="api.steampowered.com" ip="173.223.184.147"/>
<host name="br01.broadcast.fra.steamstatic.com" ip="162.254.197.44"/>
<host name="br01.broadcast.sto.steamstatic.com" ip="162.254.198.15"/>
<host name="br02.broadcast.fra.steamstatic.com" ip="162.254.197.45"/>
<host name="br02.broadcast.sto.steamstatic.com" ip="162.254.198.79"/>
<host name="br02.broadcast.sto.steamstatic.com" ip="162.254.198.79"/>
<host name="br03.broadcast.fra.steamstatic.com" ip="162.254.197.46"/>
<host name="br03.broadcast.sto.steamstatic.com" ip="162.254.198.16"/>
<host name="br03.broadcast.sto.steamstatic.com" ip="162.254.198.16"/>
<host name="br04.broadcast.fra.steamstatic.com" ip="162.254.197.47"/>
<host name="br04.broadcast.sto.steamstatic.com" ip="162.254.198.80"/>
<host name="br04.broadcast.sto.steamstatic.com" ip="162.254.198.80"/>
<host name="cdn.akamai.steamstatic.com" ip="23.63.98.26 23.63.98.32"/>
<host name="cdn.akamai.steamstatic.com" ip="23.63.98.26 23.63.98.32"/>
<host name="cdn.store.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host name="cgpromotion.azurewebsites.net" ip="104.40.183.236"/>
<host name="cgpromotion.azurewebsites.net" ip="104.40.183.236"/>
<host name="client-download.steampowered.com" ip="162.254.192.16 162.254.192.17 162.254.192.18 162.254.192.19 162.254.192.20 162.254.192.21 162.254.193.16 162.254.193.17 162.254.193.18 162.254.193.19 162.254.195.13 162.254.195.14 162.254.195.18 162.254.195.19 205.196.6.132 208.64.200.7 208.64.200.8"/>
<host name="client-download.steampowered.com" ip="162.254.192.16 162.254.192.17 162.254.192.18 162.254.192.19 162.254.192.20 162.254.192.21 162.254.193.16 162.254.193.17 162.254.193.18 162.254.193.19 162.254.195.13 162.254.195.14 162.254.195.18 162.254.195.19 205.196.6.132 208.64.200.7 208.64.200.8"/>
<host name="clientconfig.akamai.steamstatic.com" ip="23.63.98.26 23.63.98.32"/>
<host name="clientconfig.akamai.steamstatic.com" ip="23.63.98.26 23.63.98.32"/>
<host name="images.akamai.steamusercontent.com" ip="23.63.98.26 23.63.98.32"/>
<host name="media.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host name="media.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host name="media2.steampowered.com" ip="205.185.216.10 205.185.216.42"/>
<host name="media2.steampowered.com" ip="205.185.216.10 205.185.216.42"/>
Line 308: Line 320:
<host name="media4.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host name="media4.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host name="repo.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host name="repo.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host name="steamcloud-eu.storage.googleapis.com" ip="64.233.166.128"/>
<host name="steamcloudams.blob.core.windows.net" ip="168.61.58.14"/>
<host name="steamcloudams.blob.core.windows.net" ip="168.61.58.14"/>
<host name="steamclouddub.blob.core.windows.net" ip="191.235.193.40"/>
<host name="steamcommunity-a.akamaihd.net" ip="23.63.99.219 23.67.255.202"/>
<host name="steamcommunity-a.akamaihd.net" ip="23.63.99.219 23.67.255.202"/>
<host name="steamcommunity.com" ip="92.122.219.245"/>
<host name="steamcommunity.com" ip="92.122.219.245"/>
<host name="store.akamai.steamstatic.com" ip="23.63.98.26 23.63.98.32"/>
<host name="store.steampowered.com" ip="173.223.184.147"/>
<host name="store.steampowered.com" ip="173.223.184.147"/>
</dns>
</dns>
</syntaxhighlight>
</syntaxhighlight>

Outbound Rules - Change the MAC address in the source-mac= element to your own:


<syntaxhighlight>
<syntaxhighlight>
<rule-set name="Steam Client" source-interface="LAN" target-interface="pppoe" no-match-action="continue">
<rule-set name="Steam Client: Outbound" source-interface="LAN" target-interface="pppoe" no-match-action="continue">
<rule name="NTP" target-port="123" protocol="17" action="accept"/>
<rule name="NTP" target-port="123" protocol="17" action="accept"/>
<rule name="TCP" target-port="27014-27050" protocol="6" action="accept"/>
<rule name="TCP" target-port="27014-27050" protocol="6" action="accept"/>
<rule name="UDP" target-port="3478 4379 4380 27000-27030" protocol="17" action="accept"/>
<rule name="UDP" target-port="3478 4379 4380 27000-27030" protocol="17" action="accept"/>
<rule name="HTTP" target-ip="23.63.98.26 23.63.98.32 23.63.99.219 23.67.255.202 92.122.219.245 155.133.248.10-19 162.254.192.16-21 162.254.193.16/30 162.254.198.16 162.254.198.79-80 173.223.184.147" target-port="80 443" protocol="6" action="accept"/>
<rule name="HTTP" target-ip="8.253.70.30 8.253.70.142 8.254.191.238 23.63.98.26 23.63.98.32 23.63.99.219 23.67.255.202 92.122.219.245 155.133.248.0/24 162.254.192.0/24 162.254.193.0/24 162.254.197.0/24 162.254.198.0/24 173.223.184.147 205.185.216.10 205.185.216.42" target-port="80 443" protocol="6" action="accept"/>
<rule name="Deponia" target-ip="104.40.183.236 168.61.58.14 191.235.193.40" target-port="80 443" protocol="6" action="accept"/>
<rule name="Deponia" target-ip="64.233.166.128 104.40.183.236 168.61.58.14 191.235.193.40" target-port="80 443" protocol="6" action="accept"/>
<rule name="Deny All" source-mac="D8CB8AA2464E" action="reject"/>
<rule name="Deny All" source-mac="D8CB8AA2464E" action="reject"/>
</rule-set>
</syntaxhighlight>

Inbound Rules:

<syntaxhighlight>
<rule-set name="Steam Client: Inbound" target-interface="LAN" no-match-action="reject">
<rule name="Allow Firebrick" source-interface="self"/>
<rule name="TCP" target-port="27014-27050" protocol="6" action="accept"/>
<rule name="UDP" target-port="3478 4379 4380 27000-27030" protocol="17" action="accept"/>
</rule-set>
</rule-set>
</syntaxhighlight>
</syntaxhighlight>
Retrieved from "http://support.aa.net.uk/FireBrick_2700_Configuration"