Hello,
i have a very simple question that i haven't found a way in Astaro but that i can do with extreme ease in Mikrotik products:
How do i do a "negated" rulke or definition?, like "everything BUT...."
for example:
i have networkt A and B behind my ASG each with their own NIC in ASG.
I want a rule that allows A to access internet irrestricted, so i make a FW rule like:
src:A dest:any serv:any allow
I also want to make A access B but only on certain services(smb in this example), so i make the rule:
src:A dest: B serv:netbios allow
but the first rule takes precedence allowing ALL [:S], in mikrotik this is easy, as i only need to mark a checkbox that negates an entity, so i can make the first rule dst: !B and then the second allow rule.
If i had a "internet" entity(like sonicwall has) instead of any this could also work
As far as i can tell, this basic thing as "everything but" or "internet" is not present in ASG, care to enlighten me on how to do this?, since AFAIK rules execute in order, even if i put the A to B rule first, it will get overriden.
This thread was automatically locked due to age.
