FW_DEV_EXT="eth0"

FW_DEV_INT="eth1 eth2 eth3"

FW_DEV_DMZ=""

FW_ROUTE="yes"

FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="0/0" # "192.168.0.0/24 192.168.1.0/24 192.168.3.0/24"

FW_PROTECT_FROM_INTERNAL="no"

FW_AUTOPROTECT_SERVICES="no"

FW_SERVICES_EXT_TCP="ftp ssh smtp domain www https braverweb braverssh braverhttps"
FW_SERVICES_EXT_UDP="ntp domain"	# Common: domain
FW_SERVICES_EXT_IP=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_INT_TCP="ssh smtp imap imaps www https printer braverweb braverssh braverhttps domain cvsup ftp bayesian"
FW_SERVICES_INT_UDP="ntp domain"
FW_SERVICES_INT_IP=""

FW_TRUSTED_NETS=""

FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"

FW_SERVICE_AUTODETECT="yes"	# Autodetect the services below when starting
FW_SERVICE_DNS="yes"
FW_SERVICE_DHCLIENT="yes"
FW_SERVICE_DHCPD="no"
FW_SERVICE_SQUID="no"
FW_SERVICE_SAMBA="yes"

FW_FORWARD="no"		# Beware to use this!

FW_FORWARD_MASQ=""		# Beware to use this!


FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE-FW"

FW_KERNEL_SECURITY="yes"

FW_STOP_KEEP_ROUTING_STATE="no"

FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="no"
FW_ALLOW_PING_EXT="no"



FW_ALLOW_FW_TRACEROUTE="yes"

FW_ALLOW_FW_SOURCEQUENCH="yes"

FW_ALLOW_FW_BROADCAST="no"
FW_IGNORE_FW_BROADCAST="yes"

FW_ALLOW_CLASS_ROUTING="yes"