Quick links:
Product Overview
Installation
Settings and Administration
ADSL
SIP Support
Telephone ports
Network
Firewall
Wireless
VPN
Misc
Licenses
Troubleshooting
Differences
This shows you the differences between two versions of the page.
|
firewall:example_4 [2010/11/04 13:58] tibor |
firewall:example_4 [2010/11/04 14:00] (current) tibor |
||
|---|---|---|---|
| Line 35: | Line 35: | ||
| **8.** The **incoming user rules** of the **ET4** interface also allow the packet through, as it goes to the 192.168.0.x subnet: | **8.** The **incoming user rules** of the **ET4** interface also allow the packet through, as it goes to the 192.168.0.x subnet: | ||
| - | | daddr == 192.168.50.1/24 || daddr == 192.168.0.1/24 accept | | + | | daddr == 192.168.50.1/24 %%||%% daddr == 192.168.0.1/24 accept | |
| **9.** The router sends the packet to ET1 as it is that interface that handles the 192.168.0.x subnet. | **9.** The router sends the packet to ET1 as it is that interface that handles the 192.168.0.x subnet. | ||
| Line 44: | Line 44: | ||
| Now all data flows headed to %%www.yourcompany.com%% are “hijacked" and redirected to your internal server, without your web browser noticing anything. An otherwise impossible task to configure is very easily done by manually adding one simple rule to the right ruleset! | Now all data flows headed to %%www.yourcompany.com%% are “hijacked" and redirected to your internal server, without your web browser noticing anything. An otherwise impossible task to configure is very easily done by manually adding one simple rule to the right ruleset! | ||
| + | |||
| + | ===== Entering the rule ===== | ||
| + | You enter the rule of step 2 above into the "Additional rules" fields of the [[web GUI:security profile]] page: | ||
| + | | ET1 | Incoming user | post | daddr == %%www.yourcompany.com%% modify static daddr 192.168.10.31 | | ||
| + | All other necessary rules are already present in the standard firewall ruleset. | ||
| + | |||
