[Firewall] IPv6 not blocking INET->DMZ or INET->LAN

Lonnie Abelbeck lists at lonnie.abelbeck.com
Fri Mar 14 15:46:56 CET 2014


Jason,

A couple more 'tips'...

For IPv4 NAT Forwarding use:

NAT_FORWARD_TCP (or _UDP or _IP)

For IPv6 (or routed IPv4) Forwarding use:

INET_FORWARD_TCP (or _UDP or _IP)

"Any" Host values:

0.0.0.0/0 - Any IPv4 Address

::/0 - Any IPv6 Address

0/0 - Any IPv4 or IPv6 Address (unless source or destination is qualified as IPv4 or IPv6)

Lonnie


On Mar 14, 2014, at 9:23 AM, Wijatmoko U. Prayitno wrote:

> Use variable HOST_OPEN_UDP or HOST_OPEN_TCP
> 
> On Fri, 14 Mar 2014 10:18:44 -0400
> Jason Stahls <jason at justuscare.ca> wrote:
> 
>> I still haven't quite figured out what I've done, but I decided to
>> start with a fresh config instead. How can I open ports for just the
>> host? From my understanding of the comments using OPEN_TCP/UDP/IP
>> will cause it to forward and not block those ports right?
>> 
>> Thanks,
>> 
>> Jason
>> 



More information about the Firewall mailing list