Community discussions

MUM Europe 2020
 
User avatar
smurphy
Member Candidate
Member Candidate
Topic Author
Posts: 103
Joined: Wed Feb 06, 2008 6:48 pm
Location: Clermont / France
Contact:

Firewall: Best practices to use chains ?

Thu Feb 28, 2008 9:11 pm

Hi Folks ...

I am almost there with my setup. However - I'd like to hear from those of you who have it - how to proceed best with the following setup.

I have 4 Network Interface:
pppoe,wlan1,Bridge-Service,Bridge-vpn (Which is the LAN)

with associated subnets.
Now - I want to make sure - that traffic flowing through the RB153 can not jump from one interface/subnet to another one.
I have followed the first-art guides found on the wiki - but these do actually only protect the network from the external interface.
However - me comming from the Security side of Systems/Networks - I tend to want control on the traffic from all destinations to all destinations, forcing me to apply interface/subnet based policies.
So to my questions:
1. Anyone has an example of the configuration I have in mind ? Even only for 3 Networks... I'll adapt.
2. In which default chain (input,forward,output) would you place:
a. Interface based access policy
b. Inter-interface network flow policies
3. In which chain would you place the address-redirections ?

Thx for any hint ...

Who is online

Users browsing this forum: Bing [Bot], MSN [Bot], skylikeit and 57 guests