
Cho sơ đồ mạng sau (given the following network diagram):

eth2 eth1 (the diagram itself is not reproduced in this extract; the configuration below maps eth0 to the Private network, eth1 to the DMZ and eth2 to the Internet)

1/ Cấu hình firewall trên máy V1 theo các yêu cầu sau:
a/ Không cho mạng Internet truy cập vào mạng Private.
b/ Chỉ cho phép mạng Private truy cập mạng Internet các port sau: TCP(80,443,53,110,21), UDP(53).
c/ Chỉ cho phép mạng Internet truy cập vào mạng DMZ các port sau: TCP(80, 443, 25, 110, 53), UDP(53). Mạng DMZ được phép truy cập mạng Internet tất cả các giao thức.
d/ Chỉ cho phép mạng Private truy cập mạng DMZ các port sau: TCP(53,80,443,25,110,445), UDP(53). Mạng DMZ được phép truy cập mạng Private tất cả các giao thức.
e/ Chỉ cho phép máy 192.168.10.10 của mạng Private được phép truy cập vào máy V1 các port sau: TCP(22).
f/ Máy V1 được phép truy cập tất cả các mạng.

(English: 1/ Configure the firewall on V1 as follows: a/ the Internet may not reach the Private network; b/ Private may reach the Internet only on TCP 80,443,53,110,21 and UDP 53; c/ the Internet may reach the DMZ only on TCP 80,443,25,110,53 and UDP 53, while the DMZ may reach the Internet on all protocols; d/ Private may reach the DMZ only on TCP 53,80,443,25,110,445 and UDP 53, while the DMZ may reach Private on all protocols; e/ only host 192.168.10.10 on the Private network may reach V1, and only on TCP 22; f/ V1 itself may reach every network. The port lists are per protocol: UDP is limited to port 53 in b/, c/ and d/.)

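# Zone-based firewall for V1 (Vyatta/VyOS configuration mode, entered as root@r1#).
# Interface-to-zone mapping used by the lab: eth0 = Private, eth1 = DMZ,
# eth2 = Internet (public). vyatta_zone is the router itself (local-zone).
#
# Corrections relative to the original transcript, each driven by the stated
# requirements (a)-(f):
#  * `protocol tcp_udp` with one shared port list also opened UDP 80/443/110/21,
#    UDP 25 and UDP 445. TCP and UDP now get separate rules so UDP is only 53.
#  * The "established" rules also accept `related`, so ICMP errors (e.g. PMTU
#    "fragmentation needed") and helper-tracked data connections belong to an
#    already-permitted session instead of hitting the default drop.
#  * (d) the transcript's heading and rule added TCP/22 Private->DMZ, which the
#    requirement does not list; it is left out here (least privilege). Add it
#    back only if SSH from Private to DMZ hosts is actually needed.
#  * (e) the transcript limited SSH to 192.168.60.10 (printed as 192.168.60.1 in
#    its show output), not the required 192.168.10.10; the required host is used.
#  * (f) once a local-zone exists, traffic *from* V1 to the other zones is also
#    subject to zone policy and is dropped unless a `from vyatta_zone` firewall
#    is attached to each zone. The transcript never attached one, so V1 could
#    not initiate to any network and its established-only dmz_to_vyatta /
#    public_to_vyatta rules had no session to match.
#
# default-action drop is already the default for a named firewall and for a
# zone (the transcript's show output confirms it); it is set explicitly so the
# policy reads as intended.

# --- Zones -----------------------------------------------------------------
set zone-policy zone private_zone interface eth0
set zone-policy zone private_zone default-action drop
set zone-policy zone dmz_zone interface eth1
set zone-policy zone dmz_zone default-action drop
set zone-policy zone public_zone interface eth2
set zone-policy zone public_zone default-action drop
set zone-policy zone vyatta_zone local-zone
set zone-policy zone vyatta_zone default-action drop
commit

# --- (a) Internet -> Private: reply traffic only, no new connections ----------
set firewall name public_to_private default-action drop
set firewall name public_to_private rule 1 action accept
set firewall name public_to_private rule 1 state established enable
set firewall name public_to_private rule 1 state related enable
set zone-policy zone private_zone from public_zone firewall name public_to_private
commit

# --- (b) Private -> Internet: TCP 80,443,53,110,21 and UDP 53 only -----------
set firewall name private_to_public default-action drop
set firewall name private_to_public rule 1 action accept
set firewall name private_to_public rule 1 state established enable
set firewall name private_to_public rule 1 state related enable
set firewall name private_to_public rule 2 action accept
set firewall name private_to_public rule 2 state new enable
set firewall name private_to_public rule 2 protocol tcp
set firewall name private_to_public rule 2 destination port 80,443,53,110,21
# UDP is a separate rule so that only DNS, not the TCP port list, is open over UDP.
set firewall name private_to_public rule 3 action accept
set firewall name private_to_public rule 3 state new enable
set firewall name private_to_public rule 3 protocol udp
set firewall name private_to_public rule 3 destination port 53
# FTP (21) data channels are only matched by rule 1 via `related` when the FTP
# conntrack helper is active on this release -- verify before relying on it.
set zone-policy zone public_zone from private_zone firewall name private_to_public
commit

# --- (c) Internet -> DMZ: TCP 80,443,25,110,53 and UDP 53; DMZ -> Internet: all
set firewall name public_to_dmz default-action drop
set firewall name public_to_dmz rule 1 action accept
set firewall name public_to_dmz rule 1 state established enable
set firewall name public_to_dmz rule 1 state related enable
set firewall name public_to_dmz rule 2 action accept
set firewall name public_to_dmz rule 2 state new enable
set firewall name public_to_dmz rule 2 protocol tcp
set firewall name public_to_dmz rule 2 destination port 80,443,25,110,53
set firewall name public_to_dmz rule 3 action accept
set firewall name public_to_dmz rule 3 state new enable
set firewall name public_to_dmz rule 3 protocol udp
set firewall name public_to_dmz rule 3 destination port 53
# Required by (c): the DMZ may open anything towards the Internet.
set firewall name dmz_to_public default-action drop
set firewall name dmz_to_public rule 1 action accept
set zone-policy zone dmz_zone from public_zone firewall name public_to_dmz
set zone-policy zone public_zone from dmz_zone firewall name dmz_to_public
commit

# --- (d) Private -> DMZ: TCP 53,80,443,25,110,445 and UDP 53; DMZ -> Private: all
set firewall name private_to_dmz default-action drop
set firewall name private_to_dmz rule 1 action accept
set firewall name private_to_dmz rule 1 state established enable
set firewall name private_to_dmz rule 1 state related enable
set firewall name private_to_dmz rule 2 action accept
set firewall name private_to_dmz rule 2 state new enable
set firewall name private_to_dmz rule 2 protocol tcp
set firewall name private_to_dmz rule 2 destination port 53,80,443,25,110,445
set firewall name private_to_dmz rule 3 action accept
set firewall name private_to_dmz rule 3 state new enable
set firewall name private_to_dmz rule 3 protocol udp
set firewall name private_to_dmz rule 3 destination port 53
# Required by (d). Note this gives a compromised DMZ host unrestricted reach
# into Private; in a real deployment this is the first pair to tighten.
set firewall name dmz_to_private default-action drop
set firewall name dmz_to_private rule 1 action accept
set zone-policy zone dmz_zone from private_zone firewall name private_to_dmz
set zone-policy zone private_zone from dmz_zone firewall name dmz_to_private
commit

# --- (e) Private -> V1: only 192.168.10.10 may open TCP/22 --------------------
set firewall name private_to_vyatta default-action drop
set firewall name private_to_vyatta rule 1 action accept
set firewall name private_to_vyatta rule 1 state established enable
set firewall name private_to_vyatta rule 1 state related enable
set firewall name private_to_vyatta rule 2 action accept
set firewall name private_to_vyatta rule 2 state new enable
set firewall name private_to_vyatta rule 2 protocol tcp
set firewall name private_to_vyatta rule 2 source address 192.168.10.10
set firewall name private_to_vyatta rule 2 destination port 22
set zone-policy zone vyatta_zone from private_zone firewall name private_to_vyatta
commit

# --- (f) V1 -> all networks ---------------------------------------------------
# Outbound from the router: allow everything to each zone (these are the
# `from vyatta_zone` pairs the original transcript was missing).
set firewall name vyatta_to_private default-action drop
set firewall name vyatta_to_private rule 1 action accept
set firewall name vyatta_to_dmz default-action drop
set firewall name vyatta_to_dmz rule 1 action accept
set firewall name vyatta_to_public default-action drop
set firewall name vyatta_to_public rule 1 action accept
set zone-policy zone private_zone from vyatta_zone firewall name vyatta_to_private
set zone-policy zone dmz_zone from vyatta_zone firewall name vyatta_to_dmz
set zone-policy zone public_zone from vyatta_zone firewall name vyatta_to_public
# Inbound to the router from DMZ and Internet: replies to V1's own sessions only.
# (Private -> V1 is governed by private_to_vyatta above.)
set firewall name dmz_to_vyatta default-action drop
set firewall name dmz_to_vyatta rule 1 action accept
set firewall name dmz_to_vyatta rule 1 state established enable
set firewall name dmz_to_vyatta rule 1 state related enable
set firewall name public_to_vyatta default-action drop
set firewall name public_to_vyatta rule 1 action accept
set firewall name public_to_vyatta rule 1 state established enable
set firewall name public_to_vyatta rule 1 state related enable
set zone-policy zone vyatta_zone from dmz_zone firewall name dmz_to_vyatta
set zone-policy zone vyatta_zone from public_zone firewall name public_to_vyatta
commit

# Persist the committed configuration; a bare commit is lost on reboot.
save

# Verification (configuration mode):
#   show firewall name <name>      -- expect default-action drop + the rules above
#   show zone-policy               -- every zone must now list a `from vyatta_zone`
# Then test from a Private host: TCP/80 out works, UDP/80 out is dropped;
# only 192.168.10.10 can open SSH to V1; V1 itself can reach all three networks.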
