Obsolete as of August 2013
Our firewall service has been shut down and replaced with router-based ACLs.Firewall quick reference
The alleged definitive statement on firewall zone organization is presently located at http://www.cs.uwaterloo.ca/cscf/old/policies/firewall
. It is, however, obsolete as of January 2010.
| Zone ID | Description | Networks |
|---|---|---|
| -1 | not firewalled | 172.19.0.0/20, 129.97.{74, 75, 78, 79}/24, 10.15.0.0/20 |
| 0 | CSCF internal, few restrictions | 172.19.16.0/20, 129.97.15.0/24, 10.15.16.0/20 |
| 1 | CS public servers | 172.19.32.0/20, 129.97.152.0/24, 10.15.32.0/20 |
| 2 | thin clients, allows remote-access protocols | 172.19.48.0/20, 129.97.59.0/25, 10.15.48.0/20 |
| 3 | teaching workstations, no inbound traffic | 172.19.64.0/20, 129.97.51.0/24, 129.97.59.128/25, 10.15.64.0/20 |
| 4 | office workstations, allows SSH & RDP | 172.19.80.0/20, 129.97.{84, 168, 169}.0/24, 129.97.170.0/23, 10.15.80.0/20 |
| 5 | research computers, unrestricted outbound (stateful), inbound customizable | 172.19.96.0/20, 129.97.7.0/24, 10.15.96.0/20 |
Topic revision: r4 - 2021-09-27 - DaveGawley
Information in this area is meant for use by CSCF staff and is not official documentation, but anybody who is interested is welcome to use it if they find it useful.
- CF Web
- CF Web Home
- Changes
- Index
- Search
- Administration
- Communication
- Hardware
- HelpDeskGuide
- Infrastructure
- InternalProjects
- Linux
- MachineNotes
- Macintosh
- Management
- Networking
- Printing
- Research
- Security
- Software
- Solaris
- StaffStuff
- TaskGroups
- TermGoals
- Teaching
- UserSupport
- Vendors
- Windows
- XHier
- Other Webs
- My links
 |
|
Copyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback