Re: [Fwbuilder-discussion] Policy rule on dual homed machine
Brought to you by:
mikehorn
From: <va...@vk...> - 2006-03-06 00:19:00
|
On Mar 4, 2006, at 3:29 PM, ted creedon wrote: > Would this be for the generalized "Policy" tab, or under the =20 > "internal" tab which corresponds to the eth1 interface? > either way if you put the rule in the global policy, it will work for packets =20 crossing any interface of the firewall; if you put it in the =20 interface policy, it will work only for packets that cross that =20 interface --vk > thanks. > > tedc > > Vadim Kurland =E2=9C=8D wrote: >> >> On Mar 2, 2006, at 3:10 PM, ted creedon wrote: >> >>> For a machine with an eth0 (external) and an eth1 (internal =20 >>> 10.1.1.1) interface should the Policy: >>> >>> "Source net-10.1.1.1 Destination net-10.1.1.1 Service Any Accept" >>> >>> allow unrestricted access to all packets to and from the firewall =20= >>> to any machine on the 10.1.1.1 internal network which is =20 >>> connected thru the eth1 LAN card which is physically connected to =20= >>> the internal net? >> >> >> >> to allow communication to and from the firewall you should put =20 >> firewall object or its interface in the corresponding rule element. >> >> --vk >> > > > ------------------------------------------------------- > This SF.Net email is sponsored by xPML, a groundbreaking scripting =20 > language > that extends applications into web and mobile media. Attend the =20 > live webcast > and join the prime developer group breaking into this new coding =20 > territory! > http://sel.as-us.falkag.net/sel?=20 > cmd=3Dlnk&kid=3D110944&bid=3D241720&dat=3D121642 > _______________________________________________ > Fwbuilder-discussion mailing list > Fwb...@li... > https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion > > > !DSPAM:440b73c8155656405812794! > |