Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
project:omnia:firewall [2017/04/04 19:59]
embargo UCI firewalling 		project:omnia:firewall [2017/04/04 20:37]
embargo [UCI forwarding] delete rule
Line 2: Line 2:
  
 ==== UCI forwarding ==== ==== UCI forwarding ====
 +=== Create forwarding rule ===
 <​code>​ <​code>​
 +uci add firewall redirect
 +#cfg3b3837
 +uci set firewall.@redirect[-1].dest=dmz_pub
 +uci set firewall.@redirect[-1].dest_ip=172.16.10.20
 +uci set firewall.@redirect[-1].dest_port=22
 +uci set firewall.@redirect[-1].enabled=1
 +uci set firewall.@redirect[-1].name=test1
 +uci set firewall.@redirect[-1].proto=tcp
 +uci set firewall.@redirect[-1].src=wan
 +uci set firewall.@redirect[-1].src_dport=2222
 +uci set firewall.@redirect[-1].target=DNAT
 +uci commit firewall
 +
 +uci show firewall.@redirect[0]
 firewall.cfg3b3837=redirect firewall.cfg3b3837=redirect
-firewall.cfg3b3837.dest=dmz_pub +firewall.cfg3b3837.dest='dmz_pub' 
-firewall.cfg3b3837.dest_ip=172.16.10.20 +firewall.cfg3b3837.dest_port='22' 
-firewall.cfg3b3837.dest_port=22 +firewall.cfg3b3837.name='test1' 
-firewall.cfg3b3837.enabled=1 +firewall.cfg3b3837.proto='tcp' 
-firewall.cfg3b3837.name=test1 +firewall.cfg3b3837.src='wan' 
-firewall.cfg3b3837.proto=tcp +firewall.cfg3b3837.target='​DNAT'​ 
-firewall.cfg3b3837.src=wan +firewall.cfg3b3837.dest_ip='​172.16.10.21
-firewall.cfg3b3837.src_dport=2222 +firewall.cfg3b3837.src_dport='2223
-firewall.cfg3b3837.target=DNAT +</​code>​ 
- +=== Delete forwarding rule ==
---------------------------------------------------------------- +<​code>​ 
- +uci delete firewall.cfg3b3837 
-firewall.@redirect[0]=redirect +uci commit firewall
-firewall.@redirect[0].enabled='​1'​ +
-firewall.@redirect[0].target='​DNAT'​ +
-firewall.@redirect[0].src='​wan'​ +
-firewall.@redirect[0].dest='​dmz_pub'​ +
-firewall.@redirect[0].proto='​tcp'​ +
-firewall.@redirect[0].src_dport='​2222'​ +
-firewall.@redirect[0].dest_ip='​172.16.10.20+
-firewall.@redirect[0].dest_port='22+
-firewall.@redirect[0].name='​test1'​ +
- +
--------------------------------------------------------------- +
- +
-config redirect +
-        option target '​DNAT'​ +
-        option src '​wan'​ +
-        option dest '​dmz_pub'​ +
-        option proto '​tcp'​ +
-        option src_dport '​2222'​ +
-        option dest_ip '172.16.10.20'​ +
-        ​option dest_port '​22'​ +
-        option name '​test1'​+
 </​code>​ </​code>​
  
  • project/omnia/firewall.txt
  • Last modified: 2017/04/04 20:48
  • by embargo