zone policy ของ Vyatta คล้ายๆ กับของ juniper SRX แฮะ 555
ruamit@vyatta# show zone-policy
zone DMZ {
interface eth3
}
zone local {
default-action drop
from trust {
firewall {
name from_internal
}
}
from untrust {
firewall {
name to-router
}
}
local-zone
}
zone trust {
default-action drop
description LAN_interface
interface eth2
}
zone untrust {
default-action drop
description WAN
from trust {
firewall {
name tcp-out
}
}
interface eth0
}
[edit]
No comments:
Post a Comment