-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I cannot reproduce this with a default config. Both zone.int and
zone.tun are enabled with the following rule:
SNAT[0]="EXT ALL 0.0.0.0/0=>0.0.0.0/0"
Now looking at the result:
$ iptables -t nat -nvL
Chain POSTROUTING_NAT_EXT (1 references)
pkt
Package: fiaif
Version: 1.20.0-2
Severity: critical
Tags: security
Justification: root security hole
Facts:
FIAIF with 3 zones
zone.tun
zone.int
zone.ext
zone.tun is used for a tun device
zone.int is for the internal lan
zone.ext is for the internet
zone.int settings:
SNAT[0]="EXT ALL 192.168
2 matches
Mail list logo