Displaying 1 result from an estimated 1 matches for "pubsh".
Did you mean:
pubs
2006 Aug 04
4
policy ordering when mixing interface zones and host defined zones
...iving out beyond the DMZ to have access to all zones on this firewall.
It seemed that creating a zone would allow for this to be done cleanly via
a line in the policy file. I defined this special subnet as the "sys" zone.
To test I''m sending traffic from "sys" to "pubsh".
The pkt goes through chain eth1_fwd then goes to
dmz2pubsh then goes to all2all where it is rejected
by the default all2all reject policy.
If the traffic fell out the bottom of dmz2pubsh and returned to eth1_fwd
it would be caught by sys2all and be allowed. Is there some reordering
I can...