Hi,
How can I configure that everything from LAN to Internet is possible except some services? Like bittorrent and stuff.
I thought I could make a rule that masquerades everything to the internet and then another one that drops service bittorrent. But that doesn't work :(
I don't look through :(
What about the order of the rules? How are they processed? Top-down?
I just don't want to enable any damn service. I want to allow everything except some services. Is this possible?
Bineo, please stay polite on this forum.
Rules are processed from top to bottom. If you have a drop rule before an accept rule, the drop rule will match.
To accept all except some services, do:
drop service bittorrent from local.lan to world.inet
accept service any from local.lan to world.inet
snat service any from local.lan to world.inet
Hope this helps, Victor
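The top-down behaviour described in the reply above, as an added example that is not part of the original posts or of the firewall tool itself: a small Python model that parses the thread's rule syntax, evaluates it first-match, and flags rules an earlier rule makes unreachable. The helper names, the BAD rule set and the default-drop policy are assumptions made for illustration.

```python
# Toy first-match evaluator for the rule syntax quoted in this thread.
# Assumptions (not taken from the firewall tool): only accept/drop decide a
# packet's fate, snat never ends evaluation, "any" matches every service,
# and unmatched traffic is dropped.
import re

RULE = re.compile(r"^(accept|drop|snat) service (\S+) from (\S+) to (\S+)$")
FILTER_ACTIONS = {"accept", "drop"}

# Order from the reply above.
GOOD = """drop service bittorrent from local.lan to world.inet
accept service any from local.lan to world.inet
snat service any from local.lan to world.inet"""

# Constructed reordering: the broad accept comes first.
BAD = """accept service any from local.lan to world.inet
drop service bittorrent from local.lan to world.inet
snat service any from local.lan to world.inet"""

def parse(text):
    """Parse rule lines into (action, service, src, dst) tuples."""
    rules = []
    for line in text.strip().splitlines():
        m = RULE.match(line.strip())
        if not m:
            raise ValueError(f"unparseable rule: {line!r}")
        rules.append(m.groups())
    return rules

def covers(rule, service, src, dst):
    """True if the rule's match fields include this service and zone pair."""
    return rule[1] in ("any", service) and rule[2:] == (src, dst)

def verdict(rules, service, src, dst, default="drop"):
    """Top-down evaluation: the first matching accept/drop rule wins."""
    for rule in rules:
        if rule[0] in FILTER_ACTIONS and covers(rule, service, src, dst):
            return rule[0]
    return default

def shadowed(rules):
    """Accept/drop rules that can never fire because an earlier one covers them."""
    filt = [r for r in rules if r[0] in FILTER_ACTIONS]
    return ["{} service {} from {} to {}".format(*r)
            for i, r in enumerate(filt)
            if any(covers(e, *r[1:]) for e in filt[:i])]
```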