[Firehol-support] Syntax for many Interfaces
Sim
simvirus at gmail.com
Mon May 26 16:33:28 BST 2008
Hi Costa, hi to all!
I have a Linux box with many, many, many VLANs (interfaces).
Can I reduce the syntax, as in this simple example?
############################
ETH0 192.168.0.1 /24
ETH1 172.16.10.1 /24
ETH2 172.16.11.1 /24
############################
interface eth0 all2fw
    policy drop
    protection strong
    server ICMP accept
    server "ssh" accept
    client all accept

interface eth1 in2fw
    policy drop
    protection strong
    server ICMP accept
    client all accept

interface eth2 other2fw
    policy drop
    protection strong
    server ICMP accept
    client all accept
############################
router all2one outface eth1 dst "172.16.10.1/24"
    route "smtp pop3" accept

router all2two outface eth2 dst "172.16.11.1/24"
    route "http" accept
############################
router in2test outface eth0 dst "10.0.0.0/24"
    route "telnet" accept

router in2out outface eth0 dst "192.168.0.0/24"
    route ICMP accept

router in2all outface eth0 dst "${UNROUTABLE_IPS} 192.168.0.0/24"
    route "all" accept

Another question is:
- Can I create a special (router in2test outface eth0 dst
"10.0.0.0/24") router for a network not in my class?
Is it essential to define it before (router in2all outface eth0 dst
"${UNROUTABLE_IPS} 192.168.0.0/24") ?
Many thanks!
---
Sim