need help with pf configuration
Victor Sudakov
vas at mpeks.tomsk.su
Sun Oct 9 05:15:59 UTC 2011
Colleagues,
I have a configuration with 2 inside interfaces, 1 outside and 1 dmz
interface. The traffic should be able to flow
1) from inside1 to any (and back)
2) from inside2 to any (and back)
3) from dmz to outside only (and back).
I need no details, just a general hint how to setup such security
levels, preferably independent of actual IP addressses behind the
interfaces (a :network macro is not always sufficient). It would be
nice to find a configuration that would scale to any number of
interfaces with different security levels.
On a Cisco PIX I would configure
outside security0
inside1 security100
inside2 security100
dmz security50
and that's it, the PIX logic would do the rest.
Thank you very much in advance for any input.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru
More information about the freebsd-questions
mailing list