Reply To: firewall doesn’t work – whats wrong with my config ?


#53611

@redfive wrote:

If instead your main network is 192.168.1.0/24, and you want to manage ZS from this network, and you also want to allow web access from ETH01 while denying access to the network 192.168.1.0/24

input chain (default policy DROP)

forward chain (default policy DROP)


1 ETH00 ETH01 ACCEPT all opt -- in ETH00 out ETH01 0.0.0.0/0 -> 192.168.2.0/24 state NEW,RELATED,ESTABLISHED
2 ETH01 ETH00 DROP all opt -- in ETH01 out ETH00 0.0.0.0/0 -> 192.168.1.0/24
2 ETH01 ETH00 ACCEPT all opt -- in ETH01 out ETH00 192.168.2.0/24 -> 0.0.0.0/0 state NEW,RELATED,ESTABLISHED

Many thanks for your answer and your good explanation.

This is exactly what I want, as described in your post:

web access from ETH01 and
deny the network 192.168.1.0/24 on ETH00

I have the rule defined in the chain FORWARD – policy DROP:

But it never works. The effect is that I have web access from ETH01 AND reach the network 192.168.1.0/24 also… 😯

grrr 😀 ❗
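
A first-match model of the three FORWARD rules quoted above, added here as an example (it is not code from the thread or from Zeroshell). It ignores connection state, and the sample host addresses and the function names are constructed for illustration; it shows what the quoted order should do and how the result changes if the ACCEPT rule is evaluated before the DROP rule.

```python
import ipaddress

# The three FORWARD rules quoted above: (in_if, out_if, source, destination, target).
# Assumption: connection-state matching is left out of this model.
QUOTED_RULES = [
    ("ETH00", "ETH01", "0.0.0.0/0", "192.168.2.0/24", "ACCEPT"),
    ("ETH01", "ETH00", "0.0.0.0/0", "192.168.1.0/24", "DROP"),
    ("ETH01", "ETH00", "192.168.2.0/24", "0.0.0.0/0", "ACCEPT"),
]

# Same rules with the ETH01 ACCEPT placed before the ETH01 DROP.
SWAPPED_RULES = [QUOTED_RULES[0], QUOTED_RULES[2], QUOTED_RULES[1]]

# Constructed sample hosts (not taken from the thread).
LAN_HOST = "192.168.1.10"
GUEST_HOST = "192.168.2.50"
WEB_HOST = "203.0.113.80"


def verdict(rules, in_if, out_if, src, dst, policy="DROP"):
    """Return (target, rule_number) of the first matching rule, else (policy, None)."""
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    for number, (r_in, r_out, r_src, r_dst, target) in enumerate(rules, start=1):
        if (r_in == in_if and r_out == out_if
                and src_ip in ipaddress.ip_network(r_src)
                and dst_ip in ipaddress.ip_network(r_dst)):
            return target, number
    return policy, None


def check(rules):
    """Evaluate the three flows the thread cares about against a rule list."""
    return {
        "guest_to_lan": verdict(rules, "ETH01", "ETH00", GUEST_HOST, LAN_HOST),
        "guest_to_web": verdict(rules, "ETH01", "ETH00", GUEST_HOST, WEB_HOST),
        "lan_to_guest": verdict(rules, "ETH00", "ETH01", LAN_HOST, GUEST_HOST),
    }


if __name__ == "__main__":
    for name, rules in (("quoted order", QUOTED_RULES), ("swapped order", SWAPPED_RULES)):
        print(name)
        for flow, (target, number) in check(rules).items():
            print(f"  {flow}: {target} (rule {number})")
```

The order the kernel actually evaluates can be compared against this model with `iptables -L FORWARD -n -v --line-numbers`.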