Filtering traffic between zones
The following example shows how to filter traffic between zones by attaching rule sets to zones.
Step | Command |
---|---|
Create a zone named private and attach interfaces to it. | |
Create a zone named dmz and attach an interface to it. | |
Create a zone named public and attach an interface to it. | |
Create rule sets named to_private, to_dmz, and to_public. | |
Attach the rule sets to each zone. | |
Commit the changes. | |
The following example shows how to view the configuration.
vyatta@R1# show security zone-policy
zone dmz {
    description DMZ
    interface dp0p1p3
    to private {
        firewall to_private
    }
    to public {
        firewall to_public
    }
}
zone private {
    description PRIVATE
    interface dp0p1p1
    interface dp0p1p2
    to dmz {
        firewall to_dmz
    }
    to public {
        firewall to_public
    }
}
zone public {
    description PUBLIC
    interface dp0p1p4
    to dmz {
        firewall to_dmz
    }
    to private {
        firewall to_private
    }
}
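
The check below is an added example, not part of the original documentation. It parses `show security zone-policy` output like the listing above and reports zone pairs with no rule set attached, rule sets that do not follow the page's to_<zone> naming, and interfaces listed under more than one zone. The function names and the SAMPLE text are constructed for illustration.

```python
import re
from itertools import permutations

def parse_zone_policy(text):
    """Return {zone: {"interfaces": [...], "to": {dest_zone: rule_set}}}."""
    zones, zone, dest = {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"zone\s+(\S+?)\s*\{", line):
            zone = zones.setdefault(m[1], {"interfaces": [], "to": {}})
        elif m := re.fullmatch(r"to\s+(\S+?)\s*\{", line):  # also "to dmz{"
            dest = m[1]
        elif m := re.fullmatch(r"interface\s+(\S+)", line):
            zone["interfaces"].append(m[1])
        elif m := re.fullmatch(r"firewall\s+(\S+)", line):
            zone["to"][dest] = m[1]
        elif line == "}":
            # The innermost open block closes first: "to" before "zone".
            zone, dest = (zone, None) if dest else (None, None)
    return zones

def audit(zones):
    """List shared interfaces and missing or unexpectedly named rule sets."""
    findings, owner = [], {}
    for name, z in zones.items():
        for ifc in z["interfaces"]:
            if owner.setdefault(ifc, name) != name:
                findings.append(f"{ifc}: in zones {owner[ifc]} and {name}")
    for src, dst in permutations(sorted(zones), 2):
        rs = zones[src]["to"].get(dst)
        if rs is None:
            findings.append(f"{src} -> {dst}: no rule set attached")
        elif rs != f"to_{dst}":  # assumption: the page's to_<zone> naming
            findings.append(f"{src} -> {dst}: unexpected rule set {rs}")
    return findings

# Constructed sample (not router output) with three deliberate mistakes.
SAMPLE = """
zone dmz {
    interface dp0p1p3
}
zone private {
    interface dp0p1p1
    interface dp0p1p3
    to dmz{
        firewall to_private
    }
}
"""

if __name__ == "__main__":
    print("\n".join(audit(parse_zone_policy(SAMPLE))))
```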