|
Title: system acces rule settings rendered incorrectly Post by: mogyiman on Monday 23 November 2009, 01:01:48 am Hi all,
This is an issue in 2.3 and has a workaround, I found this quite dangerous. Typical scenario is that one wants to setup an access to the web interface from a specific IP address. If you specifiy rule by specifiying the Endian FW external IP as target not the RED interface the rendered iptables rule will grant access from everywhere. Of course the rule will work, but source IP is ignored. So I recommend using GUI with care, I think breaking up complex rules to one liners (one source, one target) would be more secure than specifying multiple options. Cheers. |