[EHPweb] DFC DMZ Firewall Updates
Peter Lombard
lombard at seismo.berkeley.edu
Thu Dec 4 18:33:03 GMT 2008
Chris,
I'm not sure if any USGS folks got back to you about the firewall question you
asked a few weeks ago.
I work at UC Berkeley; we work closely with Dave Oppenheimer and his crew at
USGS Menlo Park. My primary interest here is that I operate a ShakeMap
production machine at Berkeley. This machine shares (with Menlo Park) the
production of ShakeMaps for northern California.
Here are the IP addresses from UC Berkeley subnets:
128.32.149.90 is an old address, no longer used for ShakeMap. Does not need
access.
169.229.197.46 is the current UC Berkeley ShakeMap machine. It uses ssh and
scp to transfer ShakeMaps to the following USGS machines:
ehzmenlo.wr.usgs.gov
horst.wr.usgs.gov
graben.er.usgs.gov
mesa.cr.usgs.gov
These are the only IP addresses in your list that are in UC Berkeley subnets.
Let me know if you have more questions.
--
Pete Lombard
Seismological Laboratory
215 McCone Hall
University of California
Berkeley, CA 94720-4760
lombard at seismo.berkeley.edu
(510) 642-0073
Christopher J Bidwell writes:
> All, for those who are involved with DFC DMZ servers, please review the
> list below and let me know if any of these rules can be removed.
>
> Please verify whether the permits are still needed AND that the source IP
> addresses are still valid and have appropriate ISA/MOUs on file.
>
> Ciimwebden ICMP, 2222, 22 Allowed by PSS except for maybe icmp
> Untrust Public DMZ 968162 permit icmp host 128.110.129.53/32
> host 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 128.110.129.54/32
> host 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 128.32.149.90/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 128.95.16.8/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 131.215.66.180/32
> host 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 131.215.66.39/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 131.215.66.41/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 131.215.68.34/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 131.215.68.6/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 131.215.68.7/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 205.238.72.15/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 38.116.153.71/32 host
> 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968162 permit icmp host 63.193.152.100/32
> host 137.227.224.66/32 eq ANY
> Untrust Public DMZ 968163 permit udp host 128.95.166.129/32
> host 137.227.224.66/32 eq 2222
> Untrust Public DMZ 968163 permit tcp host 128.95.166.129/32
> host 137.227.224.66/32 eq 2222
> Untrust Public DMZ 968164 permit tcp host 128.110.129.53/32
> host 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 128.110.129.54/32
> host 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 128.32.149.90/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 128.95.16.8/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 131.215.66.180/32
> host 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 131.215.66.39/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 131.215.66.41/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 131.215.68.34/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 131.215.68.6/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 131.215.68.7/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 205.238.72.15/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 38.116.153.71/32 host
> 137.227.224.66/32 eq 22
> Untrust Public DMZ 968164 permit tcp host 63.193.152.100/32
> host 137.227.224.66/32 eq 22
> Untrust Public DMZ 968179 permit tcp host 131.215.68.108/32
> host 137.227.224.66/32 eq 22
>
>
> ----------------------
> EHZden 22, 2222
> Untrust Public DMZ 968035 permit tcp host 128.110.129.53/32
> host 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 128.110.129.54/32
> host 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 128.32.149.90/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 128.95.16.8/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 131.215.66.180/32
> host 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 131.215.66.39/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 131.215.66.41/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 131.215.68.34/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 131.215.68.6/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 131.215.68.7/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 205.238.72.15/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 38.116.153.71/32 host
> 137.227.224.73/32 eq 22
> Untrust Public DMZ 968035 permit tcp host 63.193.152.100/32
> host 137.227.224.73/32 eq 22
> Untrust Public DMZ 968143 permit tcp host 169.229.197.46/32
> host 137.227.224.73/32 eq 22
> Untrust Public DMZ 968143 permit tcp host 207.225.110.151/32
> host 137.227.224.73/32 eq 22
> Untrust Public DMZ 968036 permit tcp host 128.95.166.129/32
> host 137.227.224.73/32 eq 2222
> Untrust Public DMZ 968036 permit udp host 128.95.166.129/32
> host 137.227.224.73/32 eq 2222
> Untrust Public DMZ 968037 permit icmp host 128.110.129.53/32
> host 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 128.110.129.54/32
> host 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 128.32.149.90/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 128.95.16.8/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 131.215.66.180/32
> host 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 131.215.66.39/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 131.215.66.41/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 131.215.68.34/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 131.215.68.6/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 131.215.68.7/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 205.238.72.15/32 host
> 137.227.224.73/32 eq ANY
> Untrust Public DMZ 968037 permit icmp host 38.116.153.71/32 host
> 137.227.224.73/32 eq ANY
>
>
>
> Mesa ports 2222, IP and ICMP
> Untrust Public DMZ 968041 permit udp host 128.95.166.129/32
> host 137.227.224.75/32 eq 2222
> Untrust Public DMZ 968041 permit tcp host 128.95.166.129/32
> host 137.227.224.75/32 eq 2222
> Untrust Public DMZ 968042 permit icmp host 128.110.129.53/32
> host 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 128.110.129.54/32
> host 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 128.32.149.90/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 128.95.16.8/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 131.215.66.180/32
> host 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 131.215.66.39/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 131.215.66.41/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 131.215.68.34/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 131.215.68.6/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 131.215.68.7/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 205.238.72.15/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 38.116.153.71/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968042 permit icmp host 63.193.152.100/32
> host 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968147 permit ip host 131.215.68.52/32 host
> 137.227.224.75/32 eq ANY
> Untrust Public DMZ 968040 permit tcp host 128.110.129.53/32
> host 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 128.110.129.54/32
> host 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 128.32.149.90/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 128.95.16.8/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.66.180/32
> host 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.66.39/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.66.41/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.66.39/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.66.41/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.68.34/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.68.6/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 131.215.68.7/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 205.238.72.15/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 38.116.153.71/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968040 permit tcp host 63.193.152.100/32
> host 137.227.224.75/32 eq 22
> Untrust Public DMZ 968143 permit tcp host 169.229.197.46/32
> host 137.227.224.75/32 eq 22
> Untrust Public DMZ 968143 permit tcp host 207.225.110.151/32
> host 137.227.224.75/32 eq 22
> Untrust Public DMZ 968144 permit tcp host 134.197.33.3/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968144 permit tcp host 134.197.33.80/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968213 permit tcp host 131.215.68.89/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968381 permit tcp host 128.95.16.12/32 host
> 137.227.224.75/32 eq 22
> Untrust Public DMZ 968395 permit tcp host 137.239.37.186/32
> host 137.227.224.75/32 eq 22
>
>
> eids1.cr.usgs.gov 2222,2223, 29977, 29988, 39977, 39988
> Untrust Public DMZ 968310 permit tcp host 128.95.166.129/32
> host 137.227.224.89/32 eq 2222
> Untrust Public DMZ 968310 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 2222
> Untrust Public DMZ 968417 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 2223
> Untrust Public DMZ 968417 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 29977
> Untrust Public DMZ 968417 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 29988
> Untrust Public DMZ 968309 permit tcp host 128.95.166.129/32
> host 137.227.224.89/32 eq 39977
> Untrust Public DMZ 968309 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 39977
> Untrust Public DMZ 968309 permit tcp host 128.95.166.129/32
> host 137.227.224.89/32 eq 39988
> Untrust Public DMZ 968309 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 39988
> Untrust Public DMZ 968308 permit tcp 131.215.61.0/24 host
> 137.227.224.89/32 eq 22
> Untrust Public DMZ 968308 permit tcp 131.215.66.0/24 host
> 137.227.224.89/32 eq 22
> Untrust Public DMZ 968308 permit tcp 131.215.68.0/24 host
> 137.227.224.89/32 eq 22
> Untrust Public DMZ 968310 permit udp host 128.95.166.129/32
> host 137.227.224.89/32 eq 2222
> Untrust Public DMZ 968310 permit udp host 131.215.68.148/32
> host 137.227.224.89/32 eq 2222
> ----------------
> Thanks,
>
> Chris Bidwell, RHCT
> Web Administrator
> Geologic Hazards Team
> US Geological Survey
> email: cbidwell at usgs.gov
> work: 303-273-8642
> mobile: 303-435-6362
>
> <br><font size=2 face="sans-serif">All, for those who are involved with
> DFC DMZ servers, please review the list below and let me know if any of
> these rules can be removed.</font>
> <br>
> <br><font size=2 face="sans-serif"><b>Please verify whether the permits
> are still needed AND that the source IP addresses are still valid and have
> appropriate ISA/MOUs on file.</b></font>
> <br>
> <br><font size=2 face="sans-serif"><b>Ciimwebden ICMP, 2222, 22 Allowed
> by PSS except for maybe icmp</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 128.110.129.53/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 128.110.129.54/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 128.32.149.90/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 128.95.16.8/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 131.215.66.180/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 131.215.66.39/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 131.215.66.41/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 131.215.68.34/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 131.215.68.6/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 131.215.68.7/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 205.238.72.15/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 38.116.153.71/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968162 permit icmp host 63.193.152.100/32
> host 137.227.224.66/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968163 permit udp host 128.95.166.129/32
> host 137.227.224.66/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968163 permit tcp host 128.95.166.129/32
> host 137.227.224.66/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 128.110.129.53/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 128.110.129.54/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 128.32.149.90/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 128.95.16.8/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 131.215.66.180/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 131.215.66.39/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 131.215.66.41/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 131.215.68.34/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 131.215.68.6/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 131.215.68.7/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 205.238.72.15/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 38.116.153.71/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968164 permit tcp host 63.193.152.100/32
> host 137.227.224.66/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968179 permit tcp host 131.215.68.108/32
> host 137.227.224.66/32 eq 22</b></font>
> <br>
> <br>
> <br><font size=2 face="sans-serif"><b>----------------------</b></font>
> <br><font size=2 face="sans-serif"><b>EHZden 22, 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 128.110.129.53/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 128.110.129.54/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 128.32.149.90/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 128.95.16.8/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 131.215.66.180/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 131.215.66.39/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 131.215.66.41/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 131.215.68.34/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 131.215.68.6/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 131.215.68.7/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 205.238.72.15/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 38.116.153.71/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968035 permit tcp host 63.193.152.100/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968143 permit tcp host 169.229.197.46/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968143 permit tcp host 207.225.110.151/32
> host 137.227.224.73/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968036 permit tcp host 128.95.166.129/32
> host 137.227.224.73/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968036 permit udp host 128.95.166.129/32
> host 137.227.224.73/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 128.110.129.53/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 128.110.129.54/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 128.32.149.90/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 128.95.16.8/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 131.215.66.180/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 131.215.66.39/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 131.215.66.41/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 131.215.68.34/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 131.215.68.6/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 131.215.68.7/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 205.238.72.15/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968037 permit icmp host 38.116.153.71/32
> host 137.227.224.73/32 eq ANY</b></font>
> <br>
> <br>
> <br>
> <br><font size=2 face="sans-serif"><b>Mesa ports 2222, IP and ICMP</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968041 permit udp host 128.95.166.129/32
> host 137.227.224.75/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968041 permit tcp host 128.95.166.129/32
> host 137.227.224.75/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 128.110.129.53/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 128.110.129.54/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 128.32.149.90/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 128.95.16.8/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 131.215.66.180/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 131.215.66.39/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 131.215.66.41/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 131.215.68.34/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 131.215.68.6/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 131.215.68.7/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 205.238.72.15/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 38.116.153.71/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968042 permit icmp host 63.193.152.100/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968147 permit ip host 131.215.68.52/32
> host 137.227.224.75/32 eq ANY</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 128.110.129.53/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 128.110.129.54/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 128.32.149.90/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 128.95.16.8/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.66.180/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.66.39/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.66.41/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.66.39/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.66.41/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.68.34/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.68.6/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 131.215.68.7/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 205.238.72.15/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 38.116.153.71/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968040 permit tcp host 63.193.152.100/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968143 permit tcp host 169.229.197.46/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968143 permit tcp host 207.225.110.151/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968144 permit tcp host 134.197.33.3/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968144 permit tcp host 134.197.33.80/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968213 permit tcp host 131.215.68.89/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968381 permit tcp host 128.95.16.12/32
> host 137.227.224.75/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968395 permit tcp host 137.239.37.186/32
> host 137.227.224.75/32 eq 22</b></font>
> <br>
> <br>
> <br><font size=2 face="sans-serif"><b>eids1.cr.usgs.gov 2222,2223, 29977,
> 29988, 39977, 39988</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968310 permit tcp host 128.95.166.129/32
> host 137.227.224.89/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968310 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968417 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 2223</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968417 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 29977</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968417 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 29988</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968309 permit tcp host 128.95.166.129/32
> host 137.227.224.89/32 eq 39977</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968309 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 39977</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968309 permit tcp host 128.95.166.129/32
> host 137.227.224.89/32 eq 39988</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968309 permit tcp host 131.215.68.148/32
> host 137.227.224.89/32 eq 39988</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968308 permit tcp 131.215.61.0/24 host
> 137.227.224.89/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968308 permit tcp 131.215.66.0/24 host
> 137.227.224.89/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968308 permit tcp 131.215.68.0/24 host
> 137.227.224.89/32 eq 22</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968310 permit udp host 128.95.166.129/32
> host 137.227.224.89/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif"><b>Untrust Public DMZ
> 968310 permit udp host 131.215.68.148/32
> host 137.227.224.89/32 eq 2222</b></font>
> <br><font size=2 face="sans-serif">----------------<br>
> Thanks,<br>
> <br>
> Chris Bidwell, RHCT<br>
> Web Administrator<br>
> Geologic Hazards Team<br>
> US Geological Survey<br>
> email: cbidwell at usgs.gov<br>
> work: 303-273-8642<br>
> mobile: 303-435-6362<br>
> </font>_______________________________________________
> EHPweb mailing list
> EHPweb at geohazards.usgs.gov
> https://geohazards.usgs.gov/mailman/listinfo/ehpweb
More information about the EHPweb
mailing list