I have 03 networks:
- 01 LAN mgtNet
- 01 HOT LAN homeNet
- 01 HOT LAN labNet
Can someone advise how to allow my HOT LAN access to the LAN for syslog (port 514/UDP)?
The custom firewall rule below does not seem to work.
# vi /etc/clearos/firewall.d/custom
:
iptables -I FORWARD -s 10.0.0.0/24 -d 192.168.11.241 -p udp --dport 514 -j ACCEPT # allow labNet to syslog-514
Accepted Answer
I thought you could only have one HotLAN per installation.
Anyway, the short answer is change FORWARD to INPUT. INPUT is for traffic destined for ClearOS. FORWARD is for traffic destined through ClearOS (either WAN -> LAN or LAN -> WAN).
You could (should?) also restrict the rule further to the HotLAN interface in question with a "-i your_HotLAN_interface". I am not sure if you need a further rule to allow replies back. If the above does not work, post back with the result of "iptables -nvL" between code tags.
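Which chain a rule belongs in depends on whether 192.168.11.241 is an address on the ClearOS box itself or a separate syslog host on the LAN. The sketch below is an added example, not code from the thread: it reads an `ip -o -4 addr show` listing, picks INPUT or FORWARD accordingly, and finds the interface for the `-i` restriction. The interface names and the firewall's own addresses in the sample listing are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Interface names and the firewall's own
# addresses below are constructed; the subnet, host and port are the question's.
SAMPLE_ADDRS='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 203.0.113.10/24 brd 203.0.113.255 scope global eth0
3: eth1    inet 192.168.11.1/24 brd 192.168.11.255 scope global eth1
4: eth2    inet 10.0.0.1/24 brd 10.0.0.255 scope global eth2'

# chain_for DEST [LISTING]: INPUT if DEST is one of the firewall's own
# addresses (packet terminates here), FORWARD if it is routed to another host.
chain_for() {
    if printf '%s\n' "${2:-$SAMPLE_ADDRS}" | awk -v d="$1" '
        { split($4, a, "/"); if (a[1] == d) found = 1 }
        END { exit !found }'
    then echo INPUT
    else echo FORWARD
    fi
}

# iface_for_source SRC_CIDR [LISTING]: name of the interface whose own address
# lies inside SRC_CIDR, i.e. the interface the traffic arrives on.
iface_for_source() {
    printf '%s\n' "${2:-$SAMPLE_ADDRS}" | awk -v cidr="$1" '
        function ip2int(s,  o) {
            split(s, o, ".")
            return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
        }
        BEGIN { split(cidr, c, "/"); div = 2 ^ (32 - c[2]); net = int(ip2int(c[1]) / div) }
        { split($4, a, "/"); if (int(ip2int(a[1]) / div) == net) { print $2; exit } }'
}

# build_rule SRC_CIDR DEST PROTO DPORT: print the rule with the chain and the
# ingress interface filled in from the sample listing.
build_rule() {
    _chain=$(chain_for "$2")
    _if=$(iface_for_source "$1")
    printf 'iptables -I %s -i %s -s %s -d %s -p %s --dport %s -j ACCEPT\n' \
        "$_chain" "$_if" "$1" "$2" "$3" "$4"
}

# Print the rule for the question's traffic only when run as a script.
case "$0" in *rule*) build_rule 10.0.0.0/24 192.168.11.241 udp 514 ;; esac
```

On the firewall, pass the live listing as the last argument to `chain_for` or `iface_for_source`, for example `chain_for 192.168.11.241 "$(ip -o -4 addr show)"`.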