ACL, Simple firewall rules

m00n
Member
Posts: 28
Joined: 12 Apr 2011 08:26
Location: Poland

ACL, Simple firewall rules

Post by m00n » 27 Jan 2012 07:06

Hi
I want to block any incoming traffic from outside to one specific host, but allow him internet access, so I need established connections. In the documentation I found an example:


policy condition c1 destination ip 1.1.1.1 established
policy condition c2 destination ip 1.1.1.1

policy action drop disposition drop
policy action allow

policy rule r1 condition c1 action allow
policy rule r2 condition c2 action drop

qos apply
It doesn't work. It blocks incoming traffic to the host, but I don't have a connection to the outside world. Any suggestions?
Network & UnixAdministrator, The State School of Higher Professional Education in Elbląg, ACFE

one6f
Member
Posts: 366
Joined: 10 Mar 2009 09:58

Re: ACL, Simple firewall rules

Post by one6f » 28 Jan 2012 10:55

Hi m00n,
Try to use logging rules such as here; then you will see every packet which is blocked or allowed. If you are using the console, simply add log to the end of each policy rule.

m00n
Member
Posts: 28
Joined: 12 Apr 2011 08:26
Location: Poland

Re: ACL, Simple firewall rules

Post by m00n » 29 Jan 2012 06:50

Problem is solved.
I didn't think about getting access to my internal network (default gateway, DNS servers, etc.)

so


policy condition c3 destination ip 1.1.1.1 source ip 1.1.1.0 mask 255.255.255.0
policy rule r3 condition c3 action allow
solved the problem
Network & UnixAdministrator, The State School of Higher Professional Education in Elbląg, ACFE
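
Added example, not part of the thread and not the switch's own logic: a Python sketch of first-match evaluation over rules r1, r2 and r3 from the posts above, showing which packets addressed to 1.1.1.1 fall through to the drop rule before and after r3 is added. It assumes that `established` matches TCP segments with ACK or RST set and that r3 is evaluated ahead of r2; the 1.1.1.53 (DNS) and 1.1.1.254 (gateway) addresses and the 203.0.113.10 internet peer are constructed.

```python
import ipaddress
from collections import namedtuple
from dataclasses import dataclass

# flags holds TCP flags and stays empty for non-TCP packets
Packet = namedtuple("Packet", "src dst proto flags", defaults=[frozenset()])

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                # "allow" or "drop"
    dst: str
    src_net: str = ""          # empty = any source
    established: bool = False

    def matches(self, p):
        if p.dst != self.dst:
            return False
        if self.src_net and ipaddress.ip_address(p.src) not in ipaddress.ip_network(self.src_net):
            return False
        # Assumption: "established" means a TCP segment with ACK or RST set.
        return not self.established or (p.proto == "tcp" and bool(p.flags & {"ACK", "RST"}))

def evaluate(rules, p):
    """Return (rule name, action) of the first match; list order is an assumption."""
    for r in rules:
        if r.matches(p):
            return r.name, r.action
    return "none", "unmatched"

HOST = "1.1.1.1"
R1 = Rule("r1", "allow", HOST, established=True)
R2 = Rule("r2", "drop", HOST)
R3 = Rule("r3", "allow", HOST, src_net="1.1.1.0/255.255.255.0")
ORIGINAL, FIXED = [R1, R2], [R1, R3, R2]   # assumption: r3 is evaluated ahead of r2

# Constructed sample packets; the DNS and gateway addresses are hypothetical.
PACKETS = {
    "tcp reply from internet": Packet("203.0.113.10", HOST, "tcp", frozenset({"SYN", "ACK"})),
    "new tcp from internet":   Packet("203.0.113.10", HOST, "tcp", frozenset({"SYN"})),
    "udp dns reply, local":    Packet("1.1.1.53", HOST, "udp"),
    "icmp from gateway":       Packet("1.1.1.254", HOST, "icmp"),
}

def verdicts(rules):
    return {name: evaluate(rules, p) for name, p in PACKETS.items()}

if __name__ == "__main__":
    for label, rules in (("original", ORIGINAL), ("fixed", FIXED)):
        print(label, verdicts(rules))
```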
