How do I forward a port?
Anders Peter Fugmann
Wed Mar 22 18:21:29 CET 2006
Aditya Nag wrote:
> Thanks for the reply, but I'm a little unclear on a few things. Do I
> need to set up a forward rule in zone.int or zone.ext? I tried both
> and it's not working. If it's possible, could you please send me a
> slightly more detailed explanation. I feel rather stupid for not being
> able to figure this out, but it's one of those things where you just
> get stuck!
>
The logic is as follows:
A packet enters the system from the external zone. In this zone it is
redirected to the internal zone, and must be allowed into the internal
zone. Access for packets originating from other zones into the internal
zone is defined by the forward rules in the zone configuration file for
the internal zone.
The idea is that all access configuration for packets entering a zone is
placed in the configuration file for the zone - not in other zones.
All packets are allowed to leave a zone, but may be dropped by access
rules for the destination zone.
Input and output rules only apply to packets destined for or originating
from the firewall itself.
To sum up:
Redirect rule in zone.ext to redirect the packet to the internal zone.
Forward rule to allow the packet to enter the internal zone.
I hope it clears things up a bit.
> Thanks again for your help,
> Aditya
>
Regards
Anders Fugmann
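
The packet flow described in the message above, as a small Python model added here for illustration. It is not FIAIF code or FIAIF configuration syntax; the `Zone` class, the rule tuples, the zone names and all addresses are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Zone:
    name: str
    net: str                                        # network owned by the zone
    redirects: dict = field(default_factory=dict)   # (proto, port) -> (ip, port)
    forwards: set = field(default_factory=set)      # (source zone, proto, port)

def zone_of(ip, zones):
    addr = ipaddress.ip_address(ip)
    # Most specific network wins, so 0.0.0.0/0 can stand for "everything else".
    hits = [z for z in zones if addr in ipaddress.ip_network(z.net)]
    return max(hits, key=lambda z: ipaddress.ip_network(z.net).prefixlen)

def decide(src_zone, proto, dst_ip, dst_port, zones, firewall_ips):
    """Return (verdict, final_ip, final_port) for a packet arriving from src_zone."""
    # Step 1: redirect rules live in the zone the packet enters FROM.
    dst_ip, dst_port = src_zone.redirects.get((proto, dst_port), (dst_ip, dst_port))
    # Traffic still addressed to the firewall itself is an input-rule matter
    # (input rules are not modelled here).
    if dst_ip in firewall_ips:
        return ("INPUT", dst_ip, dst_port)
    # Step 2: only the DESTINATION zone's forward rules grant entry.
    dst_zone = zone_of(dst_ip, zones)
    if (src_zone.name, proto, dst_port) in dst_zone.forwards:
        return ("ACCEPT", dst_ip, dst_port)
    return ("DROP", dst_ip, dst_port)

def scenario(redirect_in_ext, forward_in_int, forward_in_ext):
    """Build constructed EXT/INT zones and send one packet to the firewall's port 80."""
    ext = Zone("EXT", "0.0.0.0/0")
    internal = Zone("INT", "192.168.1.0/24")
    if redirect_in_ext:
        ext.redirects[("tcp", 80)] = ("192.168.1.10", 80)
    if forward_in_int:
        internal.forwards.add(("EXT", "tcp", 80))
    if forward_in_ext:                      # rule placed in the wrong zone
        ext.forwards.add(("EXT", "tcp", 80))
    return decide(ext, "tcp", "203.0.113.1", 80, [ext, internal], {"203.0.113.1"})

if __name__ == "__main__":
    print("redirect + forward in INT :", scenario(True, True, False))
    print("redirect + forward in EXT :", scenario(True, False, True))
    print("redirect only             :", scenario(True, False, False))
    print("forward only, no redirect :", scenario(False, True, False))
```

Only the first scenario is accepted: a forward rule placed in the external zone, or a redirect with no forward rule at all, leaves the redirected packet dropped at the internal zone.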