баш1

firewall {
   all-ping enable
   group {
       network-group GOOD-NETWORKS {
           network 192.168.2.0/24
       }
   }
   name FROM-INTRANET {
       default-action accept
       description "From the Intranet"
       rule 10 {
           action accept
           description "Authorized Networks"
           protocol all
           source {
               group {
                   network-group GOOD-NETWORKS
               }
           }
       }
    }
}

interfaces {
   ethernet eth1 {
       address dhcp
       description OUTSIDE
       duplex auto
       firewall {
           out {
               name FROM-INTERNET
           }
       }
   }
}
Determined Dotterel