ACL, Simple firewall rules

m00n

ACL, Simple firewall rules

Post by m00n »

Hi,
I want to block any incoming traffic from outside to one specific host, but allow him internet access, so I need established connections. In the documentation I found an example:

policy condition c1 destination ip 1.1.1.1 established
policy condition c2 destination ip 1.1.1.1

policy action drop disposition drop
policy action allow

policy rule r1 condition c1 action allow
policy rule r2 condition c2 action drop

qos apply

It doesn't work. It blocks incoming traffic to the host, but I don't have a connection to the outside world. Any suggestions?
one6f

Re: ACL, Simple firewall rules

Post by one6f »

Hi m00n,
Try to use Logging Rules such as here; then you will see every packet which is blocked or allowed. If you are using the console, simply add log to the end of each policy rule.
m00n

Re: ACL, Simple firewall rules

Post by m00n »

Problem is solved.
I didn't think about getting access to my internal network (default gateway, DNS servers, etc.)

so

policy condition c3 destination ip 1.1.1.1 source ip 1.1.1.0 mask 255.255.255.0
policy rule r3 condition c3 action allow

solved the problem.
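
The rule interaction discussed in this thread, as an added Python model that is not part of the original posts and not switch code: it evaluates constructed sample packets against r1/r2 and then against the set with r3 included. Assumptions: the first matching rule decides, r3 is evaluated ahead of r2 (the thread does not show rule precedence), `established` means a TCP segment with ACK or RST set, and unmatched traffic is allowed.

```python
from ipaddress import ip_address, ip_network

HOST = ip_address("1.1.1.1")      # protected host, from the thread
LAN = ip_network("1.1.1.0/24")    # c3 source network, from the thread

def c1(p):  # destination ip 1.1.1.1 established
    # Assumption: "established" = TCP segment with ACK or RST set (a flag match).
    return p["dst"] == HOST and p["proto"] == "tcp" and bool({"ACK", "RST"} & p["flags"])

def c2(p):  # destination ip 1.1.1.1
    return p["dst"] == HOST

def c3(p):  # destination ip 1.1.1.1 source ip 1.1.1.0 mask 255.255.255.0
    return p["dst"] == HOST and p["src"] in LAN

R1, R2, R3 = ("r1", c1, "allow"), ("r2", c2, "drop"), ("r3", c3, "allow")

def evaluate(rules, p):
    """First matching rule decides; unmatched traffic is allowed (assumed default)."""
    for name, cond, action in rules:
        if cond(p):
            return name, action
    return "default", "allow"

def pkt(src, dst, proto, flags=()):
    return {"src": ip_address(src), "dst": ip_address(dst), "proto": proto, "flags": set(flags)}

# Constructed sample packets; 8.8.8.8 stands in for any outside address.
SAMPLES = {
    "outside SYN to host": pkt("8.8.8.8", "1.1.1.1", "tcp", ["SYN"]),
    "outside SYN-ACK reply": pkt("8.8.8.8", "1.1.1.1", "tcp", ["SYN", "ACK"]),
    "LAN DNS reply (UDP)": pkt("1.1.1.53", "1.1.1.1", "udp"),
    "LAN gateway SYN": pkt("1.1.1.254", "1.1.1.1", "tcp", ["SYN"]),
    # Matches c1 on flags alone: this model has no connection tracking.
    "outside bare ACK": pkt("8.8.8.8", "1.1.1.1", "tcp", ["ACK"]),
}

def verdicts(rules):
    return {label: evaluate(rules, p) for label, p in SAMPLES.items()}

if __name__ == "__main__":
    for title, rules in (("r1, r2", [R1, R2]), ("r1, r3, r2", [R1, R3, R2])):
        print(title)
        for label, (rule, action) in verdicts(rules).items():
            print(f"  {label:24} {action:5} ({rule})")
```

With only r1 and r2, the UDP DNS reply and the gateway's new TCP connection both fall through to the drop rule, which matches the symptom in the first post; logging each rule, as suggested in the reply, is how to confirm which rule a real packet hits.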
Return to “OmniSwitch 10k”