[Firewall] Forward LAN to DMZ

Erik Norman Stetter e.n.stetter at gmail.com
Thu Aug 27 15:51:49 CEST 2015


"The INT -> DMZ is routed not NAT'ed"

Alright, this clarifies things for me. Thanks a lot.

2015-08-27 15:42 GMT+02:00 Lonnie Abelbeck <lists at lonnie.abelbeck.com>:

> Hi Norman,
>
> The default settings should allow INT_IF to DMZ_IF traffic.  The defaults
> are:
>
> DMZ -> Local is DROP
> DMZ -> INT is DROP
> DMZ -> EXT is ALLOW
>
> Local -> DMZ is ALLOW
> INT -> DMZ is ALLOW
> EXT -> DMZ is DROP
>
> The INT -> DMZ is routed not NAT'ed (as your forward ports comment might
> suggest).
>
>
> Lonnie
>
>
> On Aug 27, 2015, at 4:38 AM, Erik Norman Stetter <e.n.stetter at gmail.com>
> wrote:
>
> > Hello,
> >
> > I can’t find the setting to forward IPs or Ports from my INT_IF to my
> DMZ_IF.
> >
> > Did I just misunderstand something here?
> >
> > Regards,
> >
> > Norman
> >
> > --
> > Erik Norman Stetter
> >
> > e.n.stetter at gmail.com
> > _______________________________________________
> > Firewall mailing list
> > Firewall at rocky.eld.leidenuniv.nl
> > http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> > Arno's (Linux IPTABLES Firewall) Homepage:
> > http://rocky.eld.leidenuniv.nl
>
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl




-- 


*Erik Norman Stettere.n.stetter at gmail.com <e.n.stetter at gmail.com>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20150827/848c0a1f/attachment.html>


More information about the Firewall mailing list