Topic: Incoming routed traffic & DMZ
moktok
« on: Friday 14 January 2011, 08:15:10 pm »

Hi everybody,

I have a question regarding the firewall menu "incoming routed traffic" in the release 2.4.1.

I have more IP addresses on my red interface. I would like to route one of those IPs directly to
a server behind the firewall without NAT.
According to the documentation this can be done with the firewall menu "incoming routed traffic".
Unfortunately this is poorly documented (or I do not understand it :)).
How do I configure the route to the DMZ? Must the server behind the firewall hang on an extra interface
or on blue/orange? Can this be done with the GUI or do I need to configure the routing chains of iptables
by myself?

I hope you can help me.

thanks in advance,

  Martin
sunsus
« Reply #1 on: Monday 27 February 2012, 09:51:42 pm »

Hello Martin

Have you got it to work? If yes, how?

I have a similar problem, I'm trying to route a subnet with public IPs from red to orange.
Regards

Patrick
moktok
« Reply #2 on: Monday 27 February 2012, 11:45:16 pm »

Hi Patrick,

Yes, I solved the problem. You must manually add a route for your IP address to the interface of your desired zone. I put a host route command in
/etc/rc.d/rc.firewall.local for the interface of the desired zone:

# route add -host <ip> dev brX

In the GUI I defined SNAT from the IP to the zone.

On the machine I configured the outer IP address and two routes to the IP address of the firewall in that zone:

# route add -net 10.1.1.0/24 dev eth0
# route add default gw 10.1.1.1 dev eth0


Hope that helps,

   Martin
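
A check for the firewall-side step in the reply above, as an added example that is not part of the original thread: it parses `route -n` output and confirms that the host route for the public IP exists and leaves through the intended zone bridge, so the address cannot silently end up in the wrong zone. The address 203.0.113.10, the bridge name br1 (standing in for brX) and the sample routing table are constructed placeholders.

```shell
#!/bin/sh
# Constructed sample of `route -n` output on the firewall (not from the thread).
# 203.0.113.10 stands in for the routed public IP, br1 for the zone bridge "brX".
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
203.0.113.10    0.0.0.0         255.255.255.255 UH    0      0        0 br1
10.1.1.0        0.0.0.0         255.255.255.0   U     0      0        0 br1
0.0.0.0         203.0.113.1     0.0.0.0         UG    0      0        0 eth1'

# Print the interface of the host route (/32, flag H) for IP.
# Reads `route -n` text on stdin; prints nothing if no host route exists.
host_route_iface() {
    awk -v ip="$1" \
        '$1 == ip && $3 == "255.255.255.255" && $4 ~ /H/ { print $8; exit }'
}

# check_host_route IP DEV   (routing table on stdin)
# returns 0: host route present on DEV
#         1: no host route, so traffic for IP follows some other route
#         2: host route present but on a different interface (wrong zone)
check_host_route() {
    iface=$(host_route_iface "$1")
    if [ -z "$iface" ]; then
        echo "MISSING: no host route for $1" >&2
        return 1
    fi
    if [ "$iface" != "$2" ]; then
        echo "WRONG ZONE: $1 is routed to $iface, expected $2" >&2
        return 2
    fi
    echo "OK: $1 -> $2"
}

# On the firewall itself: route -n | check_host_route <ip> brX
printf '%s\n' "$SAMPLE_ROUTES" | check_host_route 203.0.113.10 br1
```

Because rc.firewall.local is a hand-maintained file, running the check after a reboot or firmware update shows whether the route was actually re-applied.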

