Displaying 1 result from an estimated 1 matches for "sys2all".
2006 Aug 04
4
policy ordering when mixing interface zones and host defined zones
...'m sending traffic from "sys" to "pubsh".
The pkt goes through chain eth1_fwd then goes to
dmz2pubsh then goes to all2all where it is rejected
by the default all2all reject policy.
If the traffic fell out the bottom of dmz2pubsh and returned to eth1_fwd
it would be caught by sys2all and be allowed. Is there some reordering
I can do to achieve such a result?
Hosts:
------
sys eth1:111.111.111.0/24
Zones:
------
fw firewall
# eth1
dmz ipv4
sys ipv4
# eth0
adm ipv4
publr ipv4
pubph ipv4
pubsh ipv4
stfph ipv4
stfsh ipv4
Policy:
-------
fw...