Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
project:omnia:firewall [2017/04/04 19:59]
embargo UCI firewalling 		project:omnia:firewall [2017/04/04 20:48] (current)
embargo [UCI forwarding]
Line 2: Line 2:
  
 ==== UCI forwarding ==== ==== UCI forwarding ====
 +=== Create forwarding rule ===
 <​code>​ <​code>​
 +uci add firewall redirect
 +#cfg3b3837
 +uci set firewall.@redirect[-1].dest=dmz_pub
 +uci set firewall.@redirect[-1].dest_ip=172.16.10.20
 +uci set firewall.@redirect[-1].dest_port=22
 +uci set firewall.@redirect[-1].enabled=1
 +uci set firewall.@redirect[-1].name=test1
 +uci set firewall.@redirect[-1].proto=tcp
 +uci set firewall.@redirect[-1].src=wan
 +uci set firewall.@redirect[-1].src_dport=2222
 +uci set firewall.@redirect[-1].target=DNAT
 +uci commit firewall
 +
 +uci show firewall.@redirect[]
 firewall.cfg3b3837=redirect firewall.cfg3b3837=redirect
-firewall.cfg3b3837.dest=dmz_pub +firewall.cfg3b3837.dest='dmz_pub' 
-firewall.cfg3b3837.dest_ip=172.16.10.20 +firewall.cfg3b3837.dest_port='22' 
-firewall.cfg3b3837.dest_port=22 +firewall.cfg3b3837.name='test1' 
-firewall.cfg3b3837.enabled=1 +firewall.cfg3b3837.proto='tcp' 
-firewall.cfg3b3837.name=test1 +firewall.cfg3b3837.src='wan' 
-firewall.cfg3b3837.proto=tcp +firewall.cfg3b3837.target='​DNAT'​ 
-firewall.cfg3b3837.src=wan +firewall.cfg3b3837.dest_ip='​172.16.10.21
-firewall.cfg3b3837.src_dport=2222 +firewall.cfg3b3837.src_dport='2223
-firewall.cfg3b3837.target=DNAT +</​code>​ 
- +=== Delete forwarding rule ==
---------------------------------------------------------------- +<​code>​ 
- +uci delete firewall.cfg3b3837 
-firewall.@redirect[0]=redirect +uci commit firewall
-firewall.@redirect[0].enabled='​1'​ +
-firewall.@redirect[0].target='​DNAT'​ +
-firewall.@redirect[0].src='​wan'​ +
-firewall.@redirect[0].dest='​dmz_pub'​ +
-firewall.@redirect[0].proto='​tcp'​ +
-firewall.@redirect[0].src_dport='​2222'​ +
-firewall.@redirect[0].dest_ip='​172.16.10.20+
-firewall.@redirect[0].dest_port='22+
-firewall.@redirect[0].name='​test1'​ +
- +
--------------------------------------------------------------- +
- +
-config redirect +
-        option target '​DNAT'​ +
-        option src '​wan'​ +
-        option dest '​dmz_pub'​ +
-        option proto '​tcp'​ +
-        option src_dport '​2222'​ +
-        option dest_ip '172.16.10.20'​ +
-        ​option dest_port '​22'​ +
-        option name '​test1'​+
 </​code>​ </​code>​
  
  • project/omnia/firewall.1491328785.txt.gz
  • Last modified: 2017/04/04 19:59
  • by embargo