; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlEtherTypeDefault ; Specify default rule on how to handle different Ethernet type. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlEtherTypeDefault "FwlEtherTypeDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlEtherType ; Firewall rules for different Data Link Layer protocols (identified by Ethernet type) including IP, IPX, NetBEUI, ; AppleTalk and other protocols. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlEtherType ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=2048,EtherTypeAction=Allow,EtherTypeName=Internet Protocol version 4 (IPv4\, RFC 791)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=2054,EtherTypeAction=Allow,EtherTypeName=Address Resolution Protocol (ARP\, RFC 826)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=33079,EtherTypeAction=Allow,EtherTypeName=Novell Internetwork Packet Exchange (IPX)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=34525,EtherTypeAction=Allow,EtherTypeName=Internet Protocol version 6 (IPv6\, RFC 2460)" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlICMPDefault ; Specify default rule on how to handle different ICMP messages. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlICMPDefault "FwlICMPDefaultIn=Deny,FwlICMPDefaultOut=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlICMP ; Firewall rules for ICMP messages such as echo (i.e., ping), traceroute, etc. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlICMP ; version 4 entries ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=0,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo Reply (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (host unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=2,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (protocol unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=3,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (port unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=4,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (fragmentation was needed but \"Don\'t Fragment\" flag was set\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=6,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination network unknown\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=7,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination host unknown\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=9,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication with destination network is prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=10,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication with destination host is prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=11,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination network unreachable for the indicated type of service\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=12,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (destination host unreachable for the indicated type of service\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=13,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication is administratively prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=14,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (host precedence violation\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=15,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (precedence cutoff in effect\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=8,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=9,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Router Advertisement (normal router advertisement\, RFC 1256)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=11,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Time Exceeded (time-to-live exceeded in transit\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=11,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Time Exceeded (fragment reassembly time exceeded\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=12,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (error indicated by pointer\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=12,ICMPCode=2,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (incorrect length\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=15,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Allow,ICMPName=Information Request (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=16,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Information Reply (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=17,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Allow,ICMPName=Address Mask Request (RFC 950)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=18,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Address Mask Reply (RFC 950)" ; version 6 entries ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Communication with Destination Administratively Prohibited" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=3,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Address Unreachable" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=4,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Port Unreachable" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=2,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Packet Too Big" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=3,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Time Exceeded (hop limit exceeded in transit)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=3,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Time Exceeded (fragment reassembly time exceeded)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=4,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (erroneous header field encountered)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=4,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (unrecognized Next Header type encountered)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=4,ICMPCode=2,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (unrecognized IPv6 option encountered)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=128,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo Request" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=129,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo Reply" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=130,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Multicast Listener Query" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=131,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Multicast Listener Report" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=132,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Multicast Listener Done" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=133,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Router Solicitation" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=134,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Router Advertisement" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=135,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Neighbor Solicitation" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=136,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Neighbor Advertisement" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=139,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=ICMPv6 Node Information Query" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=140,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=ICMPv6 Node Information Response" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=141,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Inverse Neighbor Discovery Solicitation Message" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=142,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Inverse Neighbor Discovery Advertisement Message" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPDefault ; Specify default rule on how to handle different IP filter. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPDefault "FwlIPDefault=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIP ; Filter outbound access to IP address. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIP ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPOptionDefault ; Specify default rule on how to handle different IP options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPOptionDefault "FwlIPOptionDefaultIn=Deny,FwlIPOptionDefaultOut=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIPOption ; Firewall rules for IP options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIPOption ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=0,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=End of Option List" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=0,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv6,IPOptionName=Pad-1 (i.e.\, one octet of padding)" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=1,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=No Operation" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=1,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv6,IPOptionName=Pad-N (i.e.\, N octets of padding)" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=148,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=Router Alert" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPProtocolDefault ; Specify default rule on how to handle different IP protocol. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPProtocolDefault "FwlIPProtocolDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIPProtocol ; Firewall rules for IP protocols including UDP, TCP, ICMP, IGMP, AH, ESP, etc. Certain Protocol values are only usable ; with IPv4. Similarly, other Protocol values are only usable with IPv6. Otherwise, the Protocol values are usable with ; either IPv4 or IPv6. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIPProtocol ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=1,IPProtocolAction=Allow,IPProtocolName=Internet Control Message Protocol for IPv4 (ICMP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=2,IPProtocolAction=Allow,IPProtocolName=Internet Group Management Protocol for IPv4 (IGMP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=6,IPProtocolAction=Allow,IPProtocolName=Transmission Control Protocol (TCP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=17,IPProtocolAction=Allow,IPProtocolName=User Datagram Protocol (UDP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=47,IPProtocolAction=Allow,IPProtocolName=Generic Routing Encapsulation (GRE)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=50,IPProtocolAction=Allow,IPProtocolName=IPsec Encapsulating Security Payload (ESP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=51,IPProtocolAction=Allow,IPProtocolName=IPsec Authentication Header (AH)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=58,IPProtocolAction=Allow,IPProtocolName=ICMP for IPv6 (ICMPv6)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=132,IPProtocolAction=Allow,IPProtocolName=Stream Control Transmission Protocol (SCTP)" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlPortDefault ; Specify default rule on how to handle different TCP/UDP ports. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlPortDefault "FwlPortDefaultIn=Deny,FwlPortDefaultOut=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlPort ; Firewall rules for different TCP/UDP ports including HTTP, FTP, TELNET and other port applications. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlPort ; ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=0,PortRangeEnd=0,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Reserved" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1080,PortRangeEnd=1080,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=SOCKS" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3517,PortRangeEnd=3517,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Inter-Access Point Protocol (IAPP\, IEEE 802.11F-2003)" ; ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=53,PortRangeEnd=53,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Domain Name Service (DNS\, server-to-server communications)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=80,PortRangeEnd=80,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Hyper-Text Transfer Protocol (HTTP\, World Wide Web\, RFC 2616)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1985,PortRangeEnd=1985,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Cisco Hot Standby Router Protocol (HSRP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=6000,PortRangeEnd=6063,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=X Window System" ; ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=500,PortRangeEnd=500,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Security Association and Key Management Protocol (ISAKMP\, RFC 2408)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1985,PortRangeEnd=1985,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Cisco Hot Standby Router Protocol (HSRP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3476,PortRangeEnd=3476,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=NVIDIA nForce Network Management (only used over TCP)" ; ; ------------------------------------------------------------------------------------------------------------------------------------------- ; THE ITEMS BELOW REMAIN FOR REFERENCE ONLY...THEY SHOULD BE IMPLEMENTED AS WIZARDS THAT MODIFY A SELECTED CUSTOM CONFIGURATION FILE, PERHAPS ; ------------------------------------------------------------------------------------------------------------------------------------------- ; ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=666,PortRangeEnd=666,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=DOOM (id Software)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1214,PortRangeEnd=1214,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=KAZAA" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1718,PortRangeEnd=1719,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2979,PortRangeEnd=2979,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.263 Video Streaming" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=11720,PortRangeEnd=11720,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 Call Signal Alternate" ; ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=522,PortRangeEnd=522,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=User Location Service (Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1352,PortRangeEnd=1352,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Lotus Notes" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1503,PortRangeEnd=1503,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=ITU T.120 (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1720,PortRangeEnd=1720,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 call setup (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1731,PortRangeEnd=1731,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Audio call control (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2517,PortRangeEnd=2517,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 Annex E call signaling transport" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2948,PortRangeEnd=2948,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Push (not protected by Wireless TLS)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2949,PortRangeEnd=2949,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Push (protected by Wireless TLS)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=6346,PortRangeEnd=6347,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=gnutella" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9200,PortRangeEnd=9200,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Connectionless Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9201,PortRangeEnd=9201,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9202,PortRangeEnd=9202,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Secure Connectionless Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9203,PortRangeEnd=9203,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Secure Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9204,PortRangeEnd=9204,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCard" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9205,PortRangeEnd=9205,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCal" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9206,PortRangeEnd=9206,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCard Secure" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9207,PortRangeEnd=9207,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCal Secure" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlTCPOptionDefault ; Specify default rule on how to handle different TCP Options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlTCPOptionDefault "FwlTCPOptionDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlTCPOption ; Firewall rules for TCP options such as Maximum Segment Size and Selective ACK. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlTCPOption ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=0,TCPOptionAction=Allow,TCPOptionName=End of Option List (RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=1,TCPOptionAction=Allow,TCPOptionName=No Operation (RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=2,TCPOptionAction=Allow,TCPOptionName=Maximum Segment Size (MSS\, RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=3,TCPOptionAction=Allow,TCPOptionName=Window Scale (RFC 1323)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=4,TCPOptionAction=Allow,TCPOptionName=Selective ACK Permitted (SACK-Permitted\, RFC 2018)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=5,TCPOptionAction=Allow,TCPOptionName=Selective ACK (SACK\, RFC 2018)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=8,TCPOptionAction=Allow,TCPOptionName=Time Stamp Option (RFC 1323)" ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlDomainDefault ; Specify default rule on how to handle different domain name. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlDomainDefault "FwlDomainDefault=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlDomain ; Firewall rules on domain names. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlDomain ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; Parameter: FwlFlushDNS ; Flush DNS cache ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SET \\\.\root\nVIDIA\NS_Firewall:NV_FwlFlushDNS=@ "FwlFlushDNS=Clear" ; ; ; ;NV_FwlProfiles ;Select a default security level or configure a custom security level, which is a set of rules that determines the policy that the firewall follows. SET \\\.\root\nVIDIA\NS_Firewall:NV_FwlProfiles=@ "FwlProfiles=Medium" ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_Fwl ; Configure whether firewall feature is on or off. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_Fwl "Fwl=On"Download Driver Pack
After your driver has been downloaded, follow these simple steps to install it.
Expand the archive file (if the download file is in zip or rar format).
If the expanded file has an .exe extension, double click it and follow the installation instructions.
Otherwise, open Device Manager by right-clicking the Start menu and selecting Device Manager.
Find the device and model you want to update in the device list.
Double-click on it to open the Properties dialog box.
From the Properties dialog box, select the Driver tab.
Click the Update Driver button, then follow the instructions.
Very important: You must reboot your system to ensure that any driver updates have taken effect.
For more help, visit our Driver Support section for step-by-step videos on how to install drivers for every file type.