This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

isolating 4th network

Hi,

We have:
eth2 DMZ:  192.168.11.0
eth0 INT:  10.1.1.0
eth1 EXT

I want to add
eth3 UNTRUSTED: 172.x.x.x
which should only be able to do ANY -> Internet, not to INT or DMZ.

Can I achieve this by removing the route from  UNTRUSTED to INT and DMZ? I don't see how to remove built-in routes though (on 1.90).

Or, do I need to
DENY UNTRUSTED -> DMZ
DENY UNTRUSTED -> INT
ALLOW UNTRUSTED -> ANY

Also, what do I need to do to get this eth3 installed? Should I put it in and re-install Astaro and then restore my backup?

Thanks,
Barry

This thread was automatically locked due to age.

Parents

0 giallu over 23 years ago

I think you have to add rules to accomplish that task, at least if you don't want to "hack" things into ASL from the shell.

For the other question about adding a new NIC I already answered inthis thread.

Regards.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 giallu over 23 years ago

I think you have to add rules to accomplish that task, at least if you don't want to "hack" things into ASL from the shell.

For the other question about adding a new NIC I already answered inthis thread.

Regards.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data