#
# Include the definition of the services
#

include <services.hlfl>

#
# Single way permissions
#

# local : 192.168.0.0/16
define local 192.168.0.0/16

# remote : 172.22.0.0/16
define remote 172.22.0.0/16


# interface : eth0
define interface eth0

# -> 
tcp (local) -> (remote) [interface]

# <-
tcp (local) <- (remote) [interface]

# <->
tcp (local) <-> (remote) [interface]

# <=>>

tcp (local) <=>> (remote) [interface]

# <<=>

tcp (local) <<=> (remote) [interface]


# <-X

tcp (local) <-X (remote) [interface]

# X->

tcp (local) X-> (remote) [interface]

# <-X!

tcp (local) <-X! (remote) [interface]

# X!->

tcp (local) X!-> (remote) [interface]

# X

tcp (local) X (remote) [interface]

# X!

tcp (local) X! (remote) [interface]


# More complicated
define a 192.168.1.1
define b 192.168.2.1
define c a|b

# -> udp|tcp

udp|tcp (local) -> (remote) [interface]

# tcp ((a|b) 1024) -> (remote) [interface]

tcp ((a|b) 1024) -> (remote) [interface]


# tcp ((c) 1024) -> (a|b) [interface]

tcp ((c) 1024) -> (a|b) [interface]