Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
project:omnia:firewall [2017/04/04 19:52]
embargo created: UCI forwarding 		project:omnia:firewall [2017/04/04 20:48] (current)
embargo [UCI forwarding]
Line 2: Line 2:
  
 ==== UCI forwarding ==== ==== UCI forwarding ====
 +=== Create forwarding rule ===
 <​code>​ <​code>​
 +uci add firewall redirect
 +#cfg3b3837
 +uci set firewall.@redirect[-1].dest=dmz_pub
 +uci set firewall.@redirect[-1].dest_ip=172.16.10.20
 +uci set firewall.@redirect[-1].dest_port=22
 +uci set firewall.@redirect[-1].enabled=1
 +uci set firewall.@redirect[-1].name=test1
 +uci set firewall.@redirect[-1].proto=tcp
 +uci set firewall.@redirect[-1].src=wan
 +uci set firewall.@redirect[-1].src_dport=2222
 +uci set firewall.@redirect[-1].target=DNAT
 +uci commit firewall
 +
 +uci show firewall.@redirect[]
 firewall.cfg3b3837=redirect firewall.cfg3b3837=redirect
-firewall.cfg3b3837.dest=dmz_pub +firewall.cfg3b3837.dest='dmz_pub' 
-firewall.cfg3b3837.dest_ip=172.16.10.20 +firewall.cfg3b3837.dest_port='​22'​ 
-firewall.cfg3b3837.dest_port=22 +firewall.cfg3b3837.name='​test1'​ 
-firewall.cfg3b3837.enabled=1 +firewall.cfg3b3837.proto='​tcp'​ 
-firewall.cfg3b3837.name=test1 +firewall.cfg3b3837.src='​wan'​ 
-firewall.cfg3b3837.proto=tcp +firewall.cfg3b3837.target='​DNAT'​ 
-firewall.cfg3b3837.src=wan +firewall.cfg3b3837.dest_ip='​172.16.10.21'​ 
-firewall.cfg3b3837.src_dport=2222 +firewall.cfg3b3837.src_dport='​2223'​ 
-firewall.cfg3b3837.target=DNAT+</​code>​ 
 +=== Delete forwarding rule === 
 +<​code>​ 
 +uci delete ​firewall.cfg3b3837 
 +uci commit firewall 
 +</​code>​
  
---------------------------------------------------------------- +==== UCI firewalling ==== 
- +<​code>​ 
-firewall.@redirect[0]=redirect +irewall.@rule[10]=rule 
-firewall.@redirect[0].enabled='1+firewall.@rule[10].target='ACCEPT
-firewall.@redirect[0].target='DNAT+firewall.@rule[10].name='VPN
-firewall.@redirect[0].src='​wan+firewall.@rule[10].src='​lan
-firewall.@redirect[0].dest='dmz_pub'​ +firewall.@rule[10].src_ip='10.14.23.0/24
-firewall.@redirect[0].proto='​tcp'​ +firewall.@rule[10].proto='all'
-firewall.@redirect[0].src_dport='​2222+
-firewall.@redirect[0].dest_ip='​172.16.10.20' +
-firewall.@redirect[0].dest_port='22' +
-firewall.@redirect[0].name='​test1'​ +
- +
---------------------------------------------------------------+
  
-config ​redirect +config ​rule 
-        option target 'DNAT+        option target 'ACCEPT
-        option ​src 'wan+        option ​name 'VPN
-        option ​dest 'dmz_pub+        option ​src 'lan
-        option ​proto 'tcp' +        option ​src_ip ​'10.14.23.0/24
-        option src_dport '​2222'​ +        option ​proto 'all'
-        option dest_ip '172.16.10.20+
-        option ​dest_port '​22'​ +
-        option name 'test1'+
 </​code>​ </​code>​
  • project/omnia/firewall.1491328368.txt.gz
  • Last modified: 2017/04/04 19:52
  • by embargo