; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlEtherTypeDefault ; Specify default rule on how to handle different Ethernet type. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlEtherTypeDefault "FwlEtherTypeDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlEtherType ; Firewall rules for different Data Link Layer protocols (identified by Ethernet type) including IP, IPX, NetBEUI, ; AppleTalk and other protocols. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlEtherType ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=2048,EtherTypeAction=Allow,EtherTypeName=Internet Protocol version 4 (IPv4\, RFC 791)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=2054,EtherTypeAction=Allow,EtherTypeName=Address Resolution Protocol (ARP\, RFC 826)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=2056,EtherTypeAction=Deny,EtherTypeName=Frame Relay ARP / Inverse ARP (InARP\, RFC 2390)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=32923,EtherTypeAction=Deny,EtherTypeName=AppleTalk Datagram Delivery Protocol (DDP)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=33011,EtherTypeAction=Deny,EtherTypeName=AppleTalk ARP (AARP)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=33079,EtherTypeAction=Allow,EtherTypeName=Novell Internetwork Packet Exchange (IPX)" ADDROW root\nvidia\ns_firewall:NV_FwlEtherType "EtherType=34525,EtherTypeAction=Allow,EtherTypeName=Internet Protocol version 6 (IPv6\, RFC 2460)" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlICMPDefault ; Specify default rule on how to handle different ICMP messages. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlICMPDefault "FwlICMPDefaultIn=Deny,FwlICMPDefaultOut=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlICMP ; Firewall rules for ICMP messages such as echo (i.e., ping), traceroute, etc. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlICMP ; version 4 entries ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=0,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo Reply (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=1,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=2,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Destination Unreachable (net unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (host unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=2,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (protocol unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=3,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (port unreachable\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=4,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (fragmentation was needed but \"Don\'t Fragment\" flag was set\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=5,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Destination Unreachable (source route failed\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=6,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination network unknown\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=7,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination host unknown\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=8,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Destination Unreachable (source host isolated\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=9,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication with destination network is prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=10,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication with destination host is prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=11,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (destination network unreachable for the indicated type of service\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=12,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (destination host unreachable for the indicated type of service\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=13,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Destination Unreachable (communication is administratively prohibited\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=14,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (host precedence violation\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=3,ICMPCode=15,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Destination Unreachable (precedence cutoff in effect\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=4,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Source Quench (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Redirect (for the network or subnet\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Redirect (for the host\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=2,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Redirect (for the type of service and network\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=5,ICMPCode=3,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Redirect (for the type of service and host\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=7,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=8,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=9,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Router Advertisement (normal router advertisement\, RFC 1256)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=9,ICMPCode=16,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Router Advertisement (does not route common traffic\, RFC 1256)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=11,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Time Exceeded (time-to-live exceeded in transit\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=11,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Time Exceeded (fragment reassembly time exceeded\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=12,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (error indicated by pointer\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=12,ICMPCode=1,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Parameter Problem (missing a required option\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=12,ICMPCode=2,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (incorrect length\, RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=13,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Timestamp (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=14,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Timestamp Reply (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=15,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Allow,ICMPName=Information Request (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=16,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Information Reply (RFC 792)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=17,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Allow,ICMPName=Address Mask Request (RFC 950)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=18,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Address Mask Reply (RFC 950)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv4,ICMPType=31,ICMPCode=0,ICMPRemoteIP=0.0.0.0,ICMPRemoteIPMask=255.255.255.255,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=TP/IX Datagram Conversion Error (RFC 1475)" ; version 6 entries ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=No Route to Destination" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Communication with Destination Administratively Prohibited" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=2,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Not Assigned" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=3,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Address Unreachable" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=1,ICMPCode=4,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Port Unreachable" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=2,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Packet Too Big" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=3,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Time Exceeded (hop limit exceeded in transit)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=3,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Time Exceeded (fragment reassembly time exceeded)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=4,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (erroneous header field encountered)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=4,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (unrecognized Next Header type encountered)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=4,ICMPCode=2,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Parameter Problem (unrecognized IPv6 option encountered)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=128,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo Request" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=129,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Echo Reply" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=130,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Multicast Listener Query" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=131,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Multicast Listener Report" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=132,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Multicast Listener Done" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=133,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Router Solicitation" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=134,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Deny,ICMPName=Router Advertisement" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=135,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Neighbor Solicitation" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=136,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Neighbor Advertisement" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=137,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Redirect Message" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=138,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Router Renumbering (command)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=138,ICMPCode=1,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Router Renumbering (result)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=138,ICMPCode=255,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Deny,ICMPActionOut=Deny,ICMPName=Router Renumbering (sequence number reset)" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=139,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=ICMPv6 Node Information Query" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=140,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=ICMPv6 Node Information Response" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=141,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Inverse Neighbor Discovery Solicitation Message" ADDROW root\nvidia\ns_firewall:NV_FwlICMP "ICMPVersion=ICMPv6,ICMPType=142,ICMPCode=0,ICMPRemoteIP=::,ICMPRemoteIPMask=128,ICMPActionIn=Allow,ICMPActionOut=Allow,ICMPName=Inverse Neighbor Discovery Advertisement Message" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPDefault ; Specify default rule on how to handle different IP filter. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPDefault "FwlIPDefault=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIP ; Filter outbound access to IP address. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIP ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPOptionDefault ; Specify default rule on how to handle different IP options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPOptionDefault "FwlIPOptionDefaultIn=Deny,FwlIPOptionDefaultOut=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIPOption ; Firewall rules for IP options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIPOption ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=0,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=End of Option List" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=0,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv6,IPOptionName=Pad-1 (i.e.\, one octet of padding)" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=1,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=No Operation" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=1,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv6,IPOptionName=Pad-N (i.e.\, N octets of padding)" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=68,IPOptionActionIn=Deny,IPOptionActionOut=Deny,IPOptionVersion=IPv4,IPOptionName=Time Stamp" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=7,IPOptionActionIn=Deny,IPOptionActionOut=Deny,IPOptionVersion=IPv4,IPOptionName=Record Route" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=131,IPOptionActionIn=Deny,IPOptionActionOut=Deny,IPOptionVersion=IPv4,IPOptionName=Loose Source Route" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=137,IPOptionActionIn=Deny,IPOptionActionOut=Deny,IPOptionVersion=IPv4,IPOptionName=Strict Source Route" ADDROW root\nvidia\ns_firewall:NV_FwlIPOption "IPOptionNumber=148,IPOptionActionIn=Allow,IPOptionActionOut=Allow,IPOptionVersion=IPv4,IPOptionName=Router Alert" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlIPProtocolDefault ; Specify default rule on how to handle different IP protocol. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlIPProtocolDefault "FwlIPProtocolDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlIPProtocol ; Firewall rules for IP protocols including UDP, TCP, ICMP, IGMP, AH, ESP, etc. Certain Protocol values are only usable ; with IPv4. Similarly, other Protocol values are only usable with IPv6. Otherwise, the Protocol values are usable with ; either IPv4 or IPv6. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlIPProtocol ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=1,IPProtocolAction=Allow,IPProtocolName=Internet Control Message Protocol for IPv4 (ICMP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=2,IPProtocolAction=Allow,IPProtocolName=Internet Group Management Protocol for IPv4 (IGMP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=4,IPProtocolAction=Deny,IPProtocolName=IPv4 (encapsulated over either IPv4 or IPv6)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=6,IPProtocolAction=Allow,IPProtocolName=Transmission Control Protocol (TCP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=17,IPProtocolAction=Allow,IPProtocolName=User Datagram Protocol (UDP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=41,IPProtocolAction=Deny,IPProtocolName=IPv6 (encapsulated over either IPv4 or IPv6)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=47,IPProtocolAction=Allow,IPProtocolName=Generic Routing Encapsulation (GRE)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=50,IPProtocolAction=Allow,IPProtocolName=IPsec Encapsulating Security Payload (ESP)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=51,IPProtocolAction=Allow,IPProtocolName=IPsec Authentication Header (AH)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=58,IPProtocolAction=Allow,IPProtocolName=ICMP for IPv6 (ICMPv6)" ADDROW root\nvidia\ns_firewall:NV_FwlIPProtocol "IPProtocol=132,IPProtocolAction=Allow,IPProtocolName=Stream Control Transmission Protocol (SCTP)" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlPortDefault ; Specify default rule on how to handle different TCP/UDP ports. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlPortDefault "FwlPortDefaultIn=Deny,FwlPortDefaultOut=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlPort ; Firewall rules for different TCP/UDP ports including HTTP, FTP, TELNET and other port applications. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlPort ; ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP - TCP+UDP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=0,PortRangeEnd=0,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Reserved" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=37,PortRangeEnd=37,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Time (RFC 868)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=137,PortRangeEnd=139,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=NetBIOS over TCP and UDP" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=427,PortRangeEnd=427,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Service Location Protocol (SLP\, RFC 2165)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=445,PortRangeEnd=445,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Microsoft DS" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=554,PortRangeEnd=554,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Real Time Stream Control Protocol (RTSP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1080,PortRangeEnd=1080,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=SOCKS" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3020,PortRangeEnd=3020,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Common Internet File System (CIFS)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3205,PortRangeEnd=3205,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Storage Name Service (iSNS) server port" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3517,PortRangeEnd=3517,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Inter-Access Point Protocol (IAPP\, IEEE 802.11F-2003)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=5060,PortRangeEnd=5060,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Session Initiation Protocol (RFC 3261-3266)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=8554,PortRangeEnd=8554,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=RTSP Alternate (see port 554)" ; ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP - TCP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=21,PortRangeEnd=21,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=File Transfer Protocol control (FTP control\, RFC 959)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=22,PortRangeEnd=22,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Secure Shell (SSH) remote login protocol" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=23,PortRangeEnd=23,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Telnet (RFC 854)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=25,PortRangeEnd=25,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Mail Transfer Protocol (SMTP\, RFC 2821)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=43,PortRangeEnd=43,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=whois (NICname\, RFC 954)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=53,PortRangeEnd=53,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Domain Name Service (DNS\, server-to-server communications)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=63,PortRangeEnd=63,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=whois++ (RFC 1913)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=80,PortRangeEnd=80,PortProtocol=TCP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Hyper-Text Transfer Protocol (HTTP\, World Wide Web\, RFC 2616)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=88,PortRangeEnd=88,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Kerberos (RFC 1510)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=110,PortRangeEnd=110,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Post Office Protocol version 3 (POP3\, RFC 1939)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=119,PortRangeEnd=119,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Network News Transfer Protocol (NNTP\, RFC 977)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=143,PortRangeEnd=143,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Message Access Protocol (IMAP\, RFC 3501)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=194,PortRangeEnd=194,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Relay Chat (IRC\, RFC 2810-2813)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=389,PortRangeEnd=389,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Lightweight Directory Access Protocol (LDAP\, RFC 3377)\, a.k.a. Internet Locator Service (ILS)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=443,PortRangeEnd=443,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=HTTP over TLS or SSL (HTTPS)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=563,PortRangeEnd=563,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=NNTPS (NNTP over TLS/SSL)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=989,PortRangeEnd=990,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=FTP over TLS/SSL" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=992,PortRangeEnd=992,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Telnet over TLS/SSL" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=993,PortRangeEnd=993,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=IMAP4 over TLS/SSL" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=994,PortRangeEnd=994,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=IRC over TLS/SSL" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=995,PortRangeEnd=995,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=POP3 over TLS/SSL" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1723,PortRangeEnd=1723,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Point-to-Point Tunneling Protocol (PPTP\, RFC 2637)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1812,PortRangeEnd=1813,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Remote Authentication Dial-In User Service (RADIUS\, RFC 2865)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1985,PortRangeEnd=1985,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Cisco Hot Standby Router Protocol (HSRP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3260,PortRangeEnd=3260,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=SCSI over TCP/IP (iSCSI)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3476,PortRangeEnd=3476,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=NVIDIA nForce Network Management" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=5050,PortRangeEnd=5050,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Yahoo! Messenger (a.k.a. multimedia conference control tool)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=5061,PortRangeEnd=5061,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Session Initiation Protocol over TLS/SSL (RFC 3261-3266)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=5190,PortRangeEnd=5193,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=America Online" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=6000,PortRangeEnd=6063,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=X Window System" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=8080,PortRangeEnd=8080,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=HTTP Alternate (see port 80)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=6665,PortRangeEnd=6669,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Relay Chat (IRC\, RFC 2810-2813)" ; ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP - UDP ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=53,PortRangeEnd=53,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Domain Name Service (DNS\, client-to-server communications)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=69,PortRangeEnd=69,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Trivial File Transfer Protocol (TFTP\, RFC 1350)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=80,PortRangeEnd=80,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=HTTP (Simple Object Access Protocol\, SOAP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=123,PortRangeEnd=123,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Network Time Protocol (NTP\, RFC 1305)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=161,PortRangeEnd=161,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Network Management Protocol (SNMP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=162,PortRangeEnd=162,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=SNMP trap" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=500,PortRangeEnd=500,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Internet Security Association and Key Management Protocol (ISAKMP\, RFC 2408)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=514,PortRangeEnd=514,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=syslog" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=515,PortRangeEnd=515,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=printer/spooler (lpr)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=525,PortRangeEnd=525,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=time server" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=580,PortRangeEnd=580,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Network Time Protocol (SNTP) heartbeat (RFC 1769)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=674,PortRangeEnd=674,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Application Configuration Access Protocol (ACAP\, RFC 2244)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1900,PortRangeEnd=1900,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Service Discovery Protocol (SSDP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1985,PortRangeEnd=1985,PortProtocol=UDP,PortActionIn=Allow,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Cisco Hot Standby Router Protocol (HSRP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3476,PortRangeEnd=3476,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Deny,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=NVIDIA nForce Network Management (only used over TCP)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=3478,PortRangeEnd=3478,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Simple Traversal of UDP Through NAT (STUN) port (RFC 3489)" ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=4500,PortRangeEnd=4500,PortProtocol=UDP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Microsoft IPsec NAT Traversal" ; ; ------------------------------------------------------------------------------------------------------------------------------------------- ; THE ITEMS BELOW REMAIN FOR REFERENCE ONLY...THEY SHOULD BE IMPLEMENTED AS WIZARDS THAT MODIFY A SELECTED CUSTOM CONFIGURATION FILE, PERHAPS ; ------------------------------------------------------------------------------------------------------------------------------------------- ; ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=666,PortRangeEnd=666,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=DOOM (id Software)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1214,PortRangeEnd=1214,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=KAZAA" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1718,PortRangeEnd=1719,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2979,PortRangeEnd=2979,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.263 Video Streaming" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=11720,PortRangeEnd=11720,PortProtocol=Both,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 Call Signal Alternate" ; ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=522,PortRangeEnd=522,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=User Location Service (Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1352,PortRangeEnd=1352,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Lotus Notes" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1503,PortRangeEnd=1503,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=ITU T.120 (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1720,PortRangeEnd=1720,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 call setup (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=1731,PortRangeEnd=1731,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=Audio call control (required by Windows NetMeeting)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2517,PortRangeEnd=2517,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=H.323 Annex E call signaling transport" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2948,PortRangeEnd=2948,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Push (not protected by Wireless TLS)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=2949,PortRangeEnd=2949,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Push (protected by Wireless TLS)" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=6346,PortRangeEnd=6347,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=gnutella" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9200,PortRangeEnd=9200,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Connectionless Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9201,PortRangeEnd=9201,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9202,PortRangeEnd=9202,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Secure Connectionless Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9203,PortRangeEnd=9203,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP Secure Session Service" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9204,PortRangeEnd=9204,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCard" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9205,PortRangeEnd=9205,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCal" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9206,PortRangeEnd=9206,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCard Secure" ; ADDROW root\nvidia\ns_firewall:NV_FwlPort "PortRangeBegin=9207,PortRangeEnd=9207,PortProtocol=TCP,PortActionIn=Deny,PortActionOut=Allow,PortRemoteIP=0.0.0.0,PortRemoteIPMask=255.255.255.255,PortName=WAP vCal Secure" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlTCPOptionDefault ; Specify default rule on how to handle different TCP Options. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlTCPOptionDefault "FwlTCPOptionDefault=Deny" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlTCPOption ; Firewall rules for TCP options such as Maximum Segment Size and Selective ACK. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlTCPOption ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=0,TCPOptionAction=Allow,TCPOptionName=End of Option List (RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=1,TCPOptionAction=Allow,TCPOptionName=No Operation (RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=2,TCPOptionAction=Allow,TCPOptionName=Maximum Segment Size (MSS\, RFC 793)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=3,TCPOptionAction=Allow,TCPOptionName=Window Scale (RFC 1323)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=4,TCPOptionAction=Allow,TCPOptionName=Selective ACK Permitted (SACK-Permitted\, RFC 2018)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=5,TCPOptionAction=Allow,TCPOptionName=Selective ACK (SACK\, RFC 2018)" ADDROW root\nvidia\ns_firewall:NV_FwlTCPOption "TCPOptionNumber=8,TCPOptionAction=Allow,TCPOptionName=Time Stamp Option (RFC 1323)" ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_FwlDomainDefault ; Specify default rule on how to handle different domain name. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_FwlDomainDefault "FwlDomainDefault=Allow" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; TABLE : NV_FwlDomain ; Firewall rules on domain names. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; PURGE root\nvidia\ns_firewall:NV_FwlDomain ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; Parameter: FwlFlushDNS ; Flush DNS cache ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SET \\\.\root\nVIDIA\NS_Firewall:NV_FwlFlushDNS=@ "FwlFlushDNS=Clear" ; ; ; ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; GROUP : NV_Fwl ; Configure whether firewall feature is on or off. ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; SET root\nvidia\ns_firewall:NV_Fwl "Fwl=On"Download Driver Pack
After your driver has been downloaded, follow these simple steps to install it.
Expand the archive file (if the download file is in zip or rar format).
If the expanded file has an .exe extension, double click it and follow the installation instructions.
Otherwise, open Device Manager by right-clicking the Start menu and selecting Device Manager.
Find the device and model you want to update in the device list.
Double-click on it to open the Properties dialog box.
From the Properties dialog box, select the Driver tab.
Click the Update Driver button, then follow the instructions.
Very important: You must reboot your system to ensure that any driver updates have taken effect.
For more help, visit our Driver Support section for step-by-step videos on how to install drivers for every file type.