This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Complex packet filter rules

Hello!

In the old days I used Checkpoint FW1 alot.
A feature I liked was that I could make "complex" rules like:

NetA & NetB -> NetC -> ServiceA & ServiceB ->Allow.

Will this be available in Astaro?

Best regards,
Fredrik

This thread was automatically locked due to age.

Parents

0 RFCat_vk_01 over 18 years ago

Not sure why you would netA & netB -> netC

But you can do the netA & netB & netC -> serviceA & serviceB -> allow

you do it with groups in definitions and then packet filter rules.

Ian M

Beaten to the punch.

That is exactly what groups do. You just add a service to the group.
Cancel
Vote Up 0 Vote Down

Cancel
0 tnk over 18 years ago in reply to RFCat_vk_01

source: neta & netb
dest: netc
service: servicea & serviceb
action: allow

For me this is a normal rule.

If I could do this I would be able to cut my rules with 75% and still have some kind of overview of my rules. In "packer filter rules view" I cannot see the content of a group, atleast not in V6.

Fredrik
Cancel
Vote Up 0 Vote Down

Cancel
0 TOHIL over 18 years ago in reply to tnk

Give the Groups good names and descriptions.

Groups like:

"grp_Local Networks"
"grp_Client Networks"
"grp_Server Networks"
"grp_Printer Networks"

"grp_Client Services on SERVER1"
"grp_Allowed Services to ANY"
Cancel
Vote Up 0 Vote Down

Cancel
0 RFCat_vk_01 over 18 years ago in reply to TOHIL

tnk,
exactly the same rules apply in ASG.

I can't remember in v6.303 if hover works, from you are saying it doesn't.

Ian M
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 RFCat_vk_01 over 18 years ago in reply to TOHIL

tnk,
exactly the same rules apply in ASG.

I can't remember in v6.303 if hover works, from you are saying it doesn't.

Ian M
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data