{"id":856,"date":"2014-07-01T12:45:41","date_gmt":"2014-07-01T12:45:41","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2014\/07\/01\/vyatta-how-to-create-a-firewall-policy\/"},"modified":"2021-08-01T00:42:59","modified_gmt":"2021-08-01T00:42:59","slug":"vyatta-how-to-create-a-firewall-policy","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Routers\/Brocade\/vyatta-how-to-create-a-firewall-policy.html","title":{"rendered":"Vyatta – How to create a Firewall Policy"},"content":{"rendered":"
Within this article we will show you how to create a firewall policy for a Brocade\u00a0Vyatta\u00a0router. Firewall policies are created much like on any other device, using a combination of criteria such as source IP, destination IP, etc. Once created, the policy is applied to an interface.<\/p>\n
There are 3 types of groups: address groups, network groups and port groups.<\/p>\n
Address group<\/strong> – groups IPs and IP ranges.<\/p>\n Network group<\/strong> – groups networks.<\/p>\n Port group<\/strong> – groups ports or port ranges.<\/p>\n When creating a firewall policy there is a huge range of options. In this example we will provide the main 4: action, source, destination and protocol.<\/p>\n Next, the firewall policy is assigned to an interface. To confirm the interface mappings (i.e. eth3 equals OUTSIDE), run the command show interfaces.<\/span><\/p>\n Finally, save your changes. This is a 2-step process. First we save the changes to the saved config and then we commit the changes to the running configuration.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" Within this article we will show you how to create a firewall policy for a Brocade\u00a0Vyatta\u00a0router. Firewall policies are created much like on any other device, using a combination of criteria such as source IP, destination IP, etc. Once created, the policy is applied to an interface. Group Types There are 3 types of groups they are … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":854,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[],"yoast_head":"\nset firewall group address-group ADDGROUP address x.x.x.x|x.x.x.x-x.x.x.x<\/pre>\n
set firewall group network-group NETGROUP network x.x.x.x\/x<\/pre>\n
set firewall group port-group PORTGROUP port x|x-x<\/pre>\n
Create Firewall Policy<\/h2>\n
set firewall name OUTSIDE rule 10 action accept\r\nset firewall name OUTSIDE rule 10 source (address x.x.x.x|group address-group <GROUP>|group network-group <GROUP>)\r\nset firewall name OUTSIDE rule 10 destination (address x.x.x.x|group address-group <GROUP>|group network-group <GROUP>|group port-group <GROUP>)\r\nset firewall name OUTSIDE rule 10 protocol (tcp_udp|all)<\/pre>\n
Assign to Interface<\/h2>\n
set interfaces ethernet eth0 firewall in name 'OUTSIDE'<\/pre>\n
Save<\/h2>\n
save - save to saved config\r\ncommit - commit to running config<\/pre>\n