Hi, One of my firewall is running under debian 8.2 (jessie) with vuurmuur 0.7 I've already tried PORTFW and NAT and both are working like a charm.
Here is the skeleton of my vuurmuur configuration: - my "drop" section; every services specificaly not allowed are defined in this section and dropped (dns/ssh/telnet from WAN....) - my "DMZ sections"; allow (for DMZ_to_WAN) and PORTFW (for WAN_to_DMZ) sections - my "allow sections"; several different sections here (for LAN_to_WAN mainly and some others :) )... my 3 last line are : - a comment line named [General] - the snat lines : SNAT any from lan to wan - and : SNAT any from dmz to lan I've understood that iptables take its directives in the order of declaration, thus every dropping rule are on the top of my config file. It is easier to allow specific services and SNATING everything at the end (it is an advice I took from Victor Julien several years ago) That's why I keep this skeleton. I went from slackware 13.37 to debian 8.2 without any trouble (just have to rename the interfaces of course and some minor adjustements) If it helps, my apt configuration file ----- # cat /etc/apt/sources.list.d/vuurmuur.list deb ftp://ftp.vuurmuur.org/debian/ wheezy main ----- Maybe with some journal extract... ----- Mail original ----- De: "Rafael A. Isturiz L." <[email protected]> À: "vuurmuur-users" <[email protected]> Envoyé: Vendredi 5 Février 2016 15:17:25 Objet: [Vuurmuur-users] Debian 8 Hi, Im testing the update of my firewall from Wheezy to Jessie... So i install Vuurmuur inside KVM and configure to work on Jessie like allways (all my rules fine), but with the upgrade some config dont work anymore... Like PORTFW and NAT i only get DROP with the same rules was working on Wheezy (maybe systemd?). Its there anyone have tested this? Thanks for the help. -- a.k.a. pelox (Debian Powered) | JID:[email protected] Barquisimeto [VE] | LinuxUser [238188] http://pelox.gusl.org.ve ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Vuurmuur-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vuurmuur-users ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Vuurmuur-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
