; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlEtherTypeDefault ; Specify default rule on how to handle different Ethernet type. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlEtherTypeDefault "FwlEtherTypeDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlEtherType ; Firewall rules for different Data Link Layer protocols (identified by Ethernet type) including IP, IPX, NetBEUI, ; AppleTalk and other protocols. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlEtherType ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=2048,EtherTypeAction=Allow,EtherTypeName=Internet Protocol version 4 (IPv4\, RFC 791)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=2054,EtherTypeAction=Allow,EtherTypeName=Address Resolution Protocol (ARP\, RFC 826)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=33079,EtherTypeAction=Allow,EtherTypeName=Novell Internetwork Packet Exchange (IPX)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=34525,EtherTypeAction=Allow,EtherTypeName=Internet Protocol version 6 (IPv6\, RFC 2460)" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlICMPDefault ; Specify default rule on how to handle different ICMP messages. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlICMPDefault "FwlICMPDefaultIn=Allow,FwlICMPDefaultOut=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlICMP ; Firewall rules for ICMP messages such as echo (i.e., ping), traceroute, etc. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlICMP ; version 4 entries ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=1,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=2,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Destination Unreachable (net unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (host unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=4,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (fragmentation was needed but \"Don\'t Fragment\" flag was set\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=5,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Destination Unreachable (source route failed\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=6,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination network unknown\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=7,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination host unknown\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=8,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Destination Unreachable (source host isolated\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=9,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication with destination network is prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=10,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication with destination host is prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=11,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination network unreachable for the indicated type of service\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=13,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication is administratively prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=4,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Source Quench (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Redirect (for the network or subnet\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Redirect (for the host\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=2,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Redirect (for the type of service and network\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=3,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Redirect (for the type of service and host\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=7,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=9,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Router Advertisement (normal router advertisement\, RFC 1256)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=9,ICMPCode=16,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Router Advertisement (does not route common traffic\, RFC 1256)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=12,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Parameter Problem (missing a required option\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=13,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Timestamp (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=14,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Timestamp Reply (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=16,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Information Reply (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=18,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Address Mask Reply (RFC 950)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=31,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=TP/IX Datagram Conversion Error (RFC 1475)" ; version 6 entries ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=No Route to Destination" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Communication with Destination Administratively Prohibited" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=2,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=3,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Address Unreachable" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=2,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Packet Too Big" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=3,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Time Exceeded (hop limit exceeded in transit)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=3,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Time Exceeded (fragment reassembly time exceeded)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=130,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Multicast Listener query" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=134,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Router Advertisement" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=137,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Redirect Message" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=138,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Router Renumbering (command)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=138,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Router Renumbering (result)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=138,ICMPCode=255,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Router Renumbering (sequence number reset)" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPDefault ; Specify default rule on how to handle different IP filter. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPDefault "FwlIPDefault=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIP ; Filter outbound access to IP address. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIP ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPOptionDefault ; Specify default rule on how to handle different IP options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPOptionDefault "FwlIPOptionDefaultIn=Deny,FwlIPOptionDefaultOut=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIPOption ; Firewall rules for IP options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIPOption ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=0,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=End of Option List" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=0,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv6,IPOptionName=Pad-1 (i.e.\, one octet of padding)" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=1,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=No Operation" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=1,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv6,IPOptionName=Pad-N (i.e.\, N octets of padding)" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=131,IPOptionActionIn=Allow,IPOptionActionOut=Deny,IPOptionVersion=IPv4,IPOptionName=Loose Source Route" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=137,IPOptionActionIn=Allow,IPOptionActionOut=Deny,IPOptionVersion=IPv4,IPOptionName=Strict Source Route" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=148,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=Router Alert" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPProtocolDefault ; Specify default rule on how to handle different IP protocol. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPProtocolDefault "FwlIPProtocolDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIPProtocol ; Firewall rules for IP protocols including UDP, TCP, ICMP, IGMP, AH, ESP, etc. Certain Protocol values are only usable ; with IPv4. Similarly, other Protocol values are only usable with IPv6. Otherwise, the Protocol values are usable with ; either IPv4 or IPv6. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIPProtocol ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=1,IPProtocolAction=Allow,IPProtocolName=Internet Control Message Protocol for IPv4 (ICMP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=2,IPProtocolAction=Allow,IPProtocolName=Internet Group Management Protocol for IPv4 (IGMP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=4,IPProtocolAction=Allow,IPProtocolName=IPv4 (encapsulated over either IPv4 or IPv6)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=6,IPProtocolAction=Allow,IPProtocolName=Transmission Control Protocol (TCP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=17,IPProtocolAction=Allow,IPProtocolName=User Datagram Protocol (UDP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=41,IPProtocolAction=Allow,IPProtocolName=IPv6 (encapsulated over either IPv4 or IPv6)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=47,IPProtocolAction=Allow,IPProtocolName=Generic Routing Encapsulation (GRE)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=50,IPProtocolAction=Allow,IPProtocolName=IPsec Encapsulating Security Payload (ESP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=51,IPProtocolAction=Allow,IPProtocolName=IPsec Authentication Header (AH)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=58,IPProtocolAction=Allow,IPProtocolName=ICMP for IPv6 (ICMPv6)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=132,IPProtocolAction=Allow,IPProtocolName=Stream Control Transmission Protocol (SCTP)" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlPortDefault ; Specify default rule on how to handle different TCP/UDP ports. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlPortDefault "FwlPortDefaultIn=Deny,FwlPortDefaultOut=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlPort ; Firewall rules for different TCP/UDP ports including HTTP, FTP, TELNET and other port applications. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlPort ; ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=0,PortRangeEnd=0,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Reserved" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1080,PortRangeEnd=1080,PortProtocol=Both,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=SOCKS" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3517,PortRangeEnd=3517,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Inter-Access Point Protocol (IAPP\, IEEE 802.11F-2003)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=5060,PortRangeEnd=5060,PortProtocol=Both,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Session Initiation Protocol (RFC 3261-3266)" ; ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=21,PortRangeEnd=21,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=File Transfer Protocol control (FTP control\, RFC 959)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=25,PortRangeEnd=25,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Mail Transfer Protocol (SMTP\, RFC 2821)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=53,PortRangeEnd=53,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Domain Name Service (DNS\, server-to-server communications)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=80,PortRangeEnd=80,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Hyper-Text Transfer Protocol (HTTP\, World Wide Web\, RFC 2616)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=110,PortRangeEnd=110,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Post Office Protocol version 3 (POP3\, RFC 1939)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=143,PortRangeEnd=143,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Message Access Protocol (IMAP\, RFC 3501)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=443,PortRangeEnd=443,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=HTTP over TLS or SSL (HTTPS)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=995,PortRangeEnd=995,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=POP3 over TLS/SSL" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1723,PortRangeEnd=1723,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Point-to-Point Tunneling Protocol (PPTP\, RFC 2637)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1985,PortRangeEnd=1985,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Cisco Hot Standby Router Protocol (HSRP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3476,PortRangeEnd=3476,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=NVIDIA nForce Network Management" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=5061,PortRangeEnd=5061,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Session Initiation Protocol over TLS/SSL (RFC 3261-3266)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=6000,PortRangeEnd=6063,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=X Window System" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=8080,PortRangeEnd=8080,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=HTTP Alternate (see port 80)" ; ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=69,PortRangeEnd=69,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Trivial File Transfer Protocol (TFTP\, RFC 1350)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=80,PortRangeEnd=80,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=HTTP (Simple Object Access Protocol\, SOAP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=123,PortRangeEnd=123,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Network Time Protocol (NTP\, RFC 1305)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=500,PortRangeEnd=500,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Security Association and Key Management Protocol (ISAKMP\, RFC 2408)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=580,PortRangeEnd=580,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Network Time Protocol (SNTP) heartbeat (RFC 1769)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1900,PortRangeEnd=1900,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Service Discovery Protocol (SSDP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1985,PortRangeEnd=1985,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Cisco Hot Standby Router Protocol (HSRP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3476,PortRangeEnd=3476,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=NVIDIA nForce Network Management (only used over TCP)" ; ; ------------------------------------------------------------------------------------------------------------------------------------------- ; THE ITEMS BELOW REMAIN FOR REFERENCE ONLY...THEY SHOULD BE IMPLEMENTED AS WIZARDS THAT MODIFY A SELECTED CUSTOM CONFIGURATION FILE, PERHAPS ; ------------------------------------------------------------------------------------------------------------------------------------------- ; ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=666,PortRangeEnd=666,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=DOOM (id Software)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1214,PortRangeEnd=1214,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=KAZAA" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1718,PortRangeEnd=1719,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2979,PortRangeEnd=2979,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.263 Video Streaming" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=11720,PortRangeEnd=11720,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 Call Signal Alternate" ; ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=522,PortRangeEnd=522,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=User Location Service (Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1352,PortRangeEnd=1352,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Lotus Notes" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1503,PortRangeEnd=1503,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=ITU T.120 (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1720,PortRangeEnd=1720,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 call setup (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1731,PortRangeEnd=1731,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Audio call control (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2517,PortRangeEnd=2517,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 Annex E call signaling transport" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2948,PortRangeEnd=2948,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Push (not protected by Wireless TLS)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2949,PortRangeEnd=2949,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Push (protected by Wireless TLS)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=6346,PortRangeEnd=6347,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=gnutella" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9200,PortRangeEnd=9200,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Connectionless Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9201,PortRangeEnd=9201,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9202,PortRangeEnd=9202,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Secure Connectionless Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9203,PortRangeEnd=9203,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Secure Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9204,PortRangeEnd=9204,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCard" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9205,PortRangeEnd=9205,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCal" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9206,PortRangeEnd=9206,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCard Secure" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9207,PortRangeEnd=9207,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCal Secure" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlTCPOptionDefault ; Specify default rule on how to handle different TCP Options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlTCPOptionDefault "FwlTCPOptionDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlTCPOption ; Firewall rules for TCP options such as Maximum Segment Size and Selective ACK. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlTCPOption ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=0,TCPOptionAction=Allow,TCPOptionName=End of Option List (RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=1,TCPOptionAction=Allow,TCPOptionName=No Operation (RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=2,TCPOptionAction=Allow,TCPOptionName=Maximum Segment Size (MSS\, RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=3,TCPOptionAction=Allow,TCPOptionName=Window Scale (RFC 1323)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=4,TCPOptionAction=Allow,TCPOptionName=Selective ACK Permitted (SACK-Permitted\, RFC 2018)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=5,TCPOptionAction=Allow,TCPOptionName=Selective ACK (SACK\, RFC 2018)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=8,TCPOptionAction=Allow,TCPOptionName=Time Stamp Option (RFC 1323)" ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlDomainDefault ; Specify default rule on how to handle different domain name. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlDomainDefault "FwlDomainDefault=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlDomain ; Firewall rules on domain names. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlDomain ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; Parameter: FwlFlushDNS ; Flush DNS cache ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SET \\\.\root\nVIDIA\NS_Firewall:NV_FwlFlushDNS=@ "FwlFlushDNS=Clear" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_Fwl ; Configure whether firewall feature is on or off. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_Fwl "Fwl=On"Download Driver Pack
After your driver has been downloaded, follow these simple steps to install it.
Expand the archive file (if the download file is in zip or rar format).
If the expanded file has an .exe extension, double click it and follow the installation instructions.
Otherwise, open Device Manager by right-clicking the Start menu and selecting Device Manager.
Find the device and model you want to update in the device list.
Double-click on it to open the Properties dialog box.
From the Properties dialog box, select the Driver tab.
Click the Update Driver button, then follow the instructions.
Very important: You must reboot your system to ensure that any driver updates have taken effect.
For more help, visit our Driver Support section for step-by-step videos on how to install drivers for every file type.