Doing it this way makes it much easier if your entire network changes address space. If you want to create a rule for one of the pre-defined networks (GREEN, BLUE, ORANGE, etc.), use the dropdown boxes. It is recommended to use the automatically generated templates when ever possible. When using them as target, only the IP addresses in this group are taken for the rule because the MAC addresses can not be used as target. When using firewall groups which contain MAC addresses you can use them as source. Just type in a valid IP address, network or (in some cases) a MAC address. The most common option is to use a single IP address to grant some host access to a certain service. The page where you create rules is split into two sections - the first one for the source and a second one for the destination: When you are going to create a new firewall rule, you have to make it clear to you what the source and what the destination host(s) is/are. Please read the Location Block article for more information on this technique. This might be useful if you want to provide a service for a few countries only, which might limit your attack surface. It is possible to choose a country (or a group of countries) as a source or destination. In IPFire, you may create groups of hosts, networks and even VPN connections, which make it very easy to select multiple hosts on a network as source or destination at once. The former destination is now the source and the former source is now the destination. The designated recipient is called destination.Ī reply packet traverses the network in the opposite direction. The host, where the packet is created and sent is called source. You need to understand that a packet is traversing a path of multiple hosts on a network. Understanding the differences between the source and destination of a packet is mandatory to work with any kind of firewalls. If you want to quickly create a Port-forwarding, Blue to Green pinhole, DMZ pinhole or Using Source NAT rule, please have a look at the short guides. This should help you with deciding which information you need to put in those fields in order to create firewall rules. On this page, you will find a detailed description of all options and inputs on the rule creation page.
0 Comments
Leave a Reply. |