-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
With the old format of rules for the mirage firewall I had the following setup:
...
let git_addr = Ipaddr.V4.of_string_exn "192.168.1.101"
let allowed_to_git = List.map Ipaddr.V4.of_string_exn
[ "10.137.0.20" ;
"10.137.0.21"
]
let local_subnet = Ipaddr.Prefix.of_string_exn "192.168.0.0/16"
let mgmt_local = Ipaddr.V4.of_string_exn "10.137.0.22"
let from_client = function
| { src = `Client c; dst = `External e } when Ipaddr.Prefix.mem e local_subnet
&& c#other_ip = mgmt_local -> `NAT
| { src = `Client c; dst = `External e } when e = Ipaddr.V4 git_addr
&& List.mem c#other_ip allowed_to_git -> `NAT
...
Is it possible to get the same functionality with the new rules using the prefix
and the lists of addresses? It would also be useful to be able to block prefixes
as well if that's possible.
Thanks for your help
-----BEGIN PGP SIGNATURE-----
iIgEARMKADAWIQRFNnsoPo7HH0XEMXc88cBGMbAIWAUCXR6YDBIccHJhZ29AdHV0
YW5vdGEuZGUACgkQPPHARjGwCFhrWwD9HZeHlNTUmw0R2gjZHqkTaqJ5rZYSv7rb
l4QdI0Y2POoA/1h50GNz+LL/XXlGJyfwGjSq+kKpbX8D1mqiJ1gJXUXw
=rWJK
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/LizX-vj--3-1%40tutanota.de.
For more options, visit https://groups.google.com/d/optout.
