You can configure rules as you need them to allow traffic from one place to the other. To restrict management of the Vyatta router to a specific IP address on a specific target NIC in the router, the following commands would be used for the example above:

    set firewall name eth3Local Filter rule 10 action accept
    set firewall name eth3Local Filter rule 10 source address 192.1
    set firewall name eth3Local Filter rule 10 destination address 192.1
    set interfaces ethernet eth3 firewall local eth3Local Filter

Machines using IP address 192.1 would be allowed traffic to 192.1, which is the Vyatta router, and therefore be allowed to manage it.

This, along with the documentation, should be enough to get you off the ground in getting your firewalls set up.
In the case of this system, for some tasks it’s a lot easier to use the command line interface (CLI).
I filled out the registration forms for the downloads and have not seen a single piece of spam from Vyatta.
😉 Quick reference for the commands that I used:

    [set|delete|show] firewall name

Items in italics are input variables. I hope this post helps someone to understand Vyatta’s CLI (command line interface) with regard to setting up the firewalls.
That’s right, all traffic is allowed through the NICs in every direction: inbound, outbound, and locally destined traffic. These firewalls are inbound – traffic coming into the NIC to pass through to another IP or subnet; outbound – traffic leaving the NIC; and local – traffic destined for the NIC.
Each of these firewalls can be configured to lock the NIC down. Once a firewall is configured, all traffic not included in its rules is blocked, versus the default open state.
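The management-access rule and the "blocked unless a rule allows it" behaviour described above can be checked offline with a small model. This is an added example, not code from the original post or from Vyatta: it parses `set firewall name ...` lines of the shape shown in the post and evaluates them lowest rule number first. The rule-set name `MGMT-LOCAL`, the documentation-range addresses and the `BINDINGS` table are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample: same shape as the post's commands, with documentation-range
# addresses (192.0.2.0/24) and a hypothetical rule-set name.
CONFIG = """\
set firewall name MGMT-LOCAL rule 10 action accept
set firewall name MGMT-LOCAL rule 10 source address 192.0.2.10
set firewall name MGMT-LOCAL rule 10 destination address 192.0.2.1
"""
# Hypothetical binding table: which rule set is applied to which
# (interface, direction). A pair that is not listed has no firewall.
BINDINGS = {("eth3", "local"): "MGMT-LOCAL"}


def parse_rulesets(text):
    """Build {name: {rule_number: {"action" / "source" / "destination": value}}}."""
    rulesets = {}
    for line in text.splitlines():
        tok = line.split()
        if tok[:3] != ["set", "firewall", "name"] or len(tok) < 8 or tok[4] != "rule":
            continue  # not a rule line of the shape shown in the post
        rule = rulesets.setdefault(tok[3], {}).setdefault(int(tok[5]), {})
        if tok[6] == "action":
            rule["action"] = tok[7]
        elif tok[6] in ("source", "destination") and tok[7] == "address" and len(tok) == 9:
            rule[tok[6]] = ipaddress.ip_network(tok[8], strict=False)
    return rulesets


def decide(rulesets, iface, direction, src, dst):
    """Return 'accept' or 'drop' for one packet on one interface direction."""
    name = BINDINGS.get((iface, direction))
    if name is None:
        return "accept"  # no firewall applied: the default open state
    for number in sorted(rulesets.get(name, {})):  # lowest rule number first
        rule = rulesets[name][number]
        src_ok = "source" not in rule or ipaddress.ip_address(src) in rule["source"]
        dst_ok = "destination" not in rule or ipaddress.ip_address(dst) in rule["destination"]
        if src_ok and dst_ok:
            # A rule without an action is treated as drop in this model (assumption).
            return rule.get("action", "drop")
    return "drop"  # nothing matched: blocked once a firewall is applied


if __name__ == "__main__":
    rs = parse_rulesets(CONFIG)
    for src in ("192.0.2.10", "192.0.2.99"):
        print(src, "-> router, eth3 local:", decide(rs, "eth3", "local", src, "192.0.2.1"))
    print("eth3 in (no firewall):", decide(rs, "eth3", "in", "192.0.2.99", "198.51.100.7"))
```

Running it shows the side effect worth planning for: once the local rule set is applied to eth3, every other source that tries to reach the router on that NIC is dropped, while the in and out directions stay open until they get rule sets of their own.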