Hi,
Actually i have basically the same config that you have Nicolas... But
mine dont work :-) ... The only thing i have to test is not upgrade from
Wheezy to Jessie but install Debian 8 from beginning... Thanks for your
help.
P.D. Do you already test Vuurmuur rc1 upgrade?
On Fri, Feb 5, 2016 at 5:24 PM, <[email protected]> wrote:
> Hi,
>
> One of my firewall is running under debian 8.2 (jessie) with vuurmuur 0.7
> I've already tried PORTFW and NAT and both are working like a charm.
>
> Here is the skeleton of my vuurmuur configuration:
> - my "drop" section; every services specificaly not allowed are defined
> in this section and dropped (dns/ssh/telnet from WAN....)
> - my "DMZ sections"; allow (for DMZ_to_WAN) and PORTFW (for WAN_to_DMZ)
> sections
> - my "allow sections"; several different sections here (for LAN_to_WAN
> mainly and some others :) )...
> my 3 last line are :
> - a comment line named [General]
> - the snat lines : SNAT any from lan to wan
> - and : SNAT any from dmz to lan
>
>
> I've understood that iptables take its directives in the order of
> declaration, thus every dropping rule are on the top of my config file.
> It is easier to allow specific services and SNATING everything at the end
> (it is an advice I took from Victor Julien several years ago)
> That's why I keep this skeleton.
>
>
> I went from slackware 13.37 to debian 8.2 without any trouble (just have
> to rename the interfaces of course and some minor adjustements)
>
>
> If it helps, my apt configuration file
> -----
> # cat /etc/apt/sources.list.d/vuurmuur.list
> deb ftp://ftp.vuurmuur.org/debian/ wheezy main
> -----
>
>
> Maybe with some journal extract...
>
>
>
> ----- Mail original -----
> De: "Rafael A. Isturiz L." <[email protected]>
> À: "vuurmuur-users" <[email protected]>
> Envoyé: Vendredi 5 Février 2016 15:17:25
> Objet: [Vuurmuur-users] Debian 8
>
>
>
> Hi,
>
>
> Im testing the update of my firewall from Wheezy to Jessie... So i install
> Vuurmuur inside KVM and configure to work on Jessie like allways (all my
> rules fine), but with the upgrade some config dont work anymore... Like
> PORTFW and NAT i only get DROP with the same rules was working on Wheezy
> (maybe systemd?).
> Its there anyone have tested this?
>
>
> Thanks for the help.
>
>
> --
>
> a.k.a. pelox (Debian Powered) | JID:[email protected]
> Barquisimeto [VE] | LinuxUser [238188]
> http://pelox.gusl.org.ve
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
> _______________________________________________
> Vuurmuur-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
>
--
a.k.a. pelox (Debian Powered) | JID:[email protected]
Barquisimeto [VE] | LinuxUser [238188]
http://pelox.gusl.org.ve
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Vuurmuur-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
