Hello,
I have a problem to setup a transparent firewall. I will separate my test environment from the productiv network but I need the same subnet. I need to connect 3 VLANs.
The bridge is working fine but I can not set rules for a specific direction (inbound/outbound).
I can only block the traffic in both direction for one service/port.
I don’t want to filter the traffic over the ip or mac.
For example:
I will ping from product site to the testwork but no from the other direction or I will establish a ssh connection from testnetwork but I will block the other way.
This is my configuration so far.
Bridge TRUNK_EXT (ether1)
- vlan_ext240 (VLAN ID 240)
- vlan_ext250 (VLAN ID 250)
- vlan_ext254 (VLAN ID 254)
Bridge TRUNK_INT (ether4)
- vlan_int240 (VLAN ID 240)
- vlan_int250 (VLAN ID 250)
- vlan_int254 (VLAN ID 254)
Bridge BR240 (vlan_ext240 and vlan_int240)
Bridge BR250 (vlan_ext250 and vlan_int250)
Bridge BR254 (vlan_ext254 and vlan_int254)
Now I want to filter different services for each vlan, but for different directions.
I hope you understand my problem and may can help.
Regards