
Additional Firewall Rules - lallow


butchkemper
09-17-2005, 06:28 PM
The StarOS log files are filled with failed ssh attempts to access the router. I decided to write some firewall rules to limit access to the router.

However, writing a set of rules to control access to the routers is complicated by these factors:

1) The network is routed and some router interfaces have more than one IP number assigned,

2) The network contains 16 /24 networks,

3) Each subnet in the network has an IP number that is reserved for a laptop to do network management, so there are many IP numbers that must be defined to access the routers,

4) The firewall rule syntax has three rules: allow, deny, and ldeny,

5) The firewall rule syntax does not contain a lallow rule.

I would request the firewall rule syntax be updated to contain a lallow rule.

I assume the ldeny is a special case of the deny rule. If that is true, would it be possible to give an example of a ldeny rule and the corresponding deny rule? Following that logic, could an example of a lallow rule and the corresponding allow rule be given?

Thanks.

Butch

tony
09-18-2005, 01:19 AM
To log, simply use 'log' in place of allow, and the traffic will be logged without affecting rules explicitly blocking or allowing it later on in the script.

ldeny is a 'local deny', which will only block traffic 'to' the host system, and not traffic that is routed, or bridged through it.

The difference between deny and ldeny from a technical standpoint is that deny will block traffic on both the FORWARD and INPUT / OUTPUT chains, while ldeny will only block traffic in the INPUT / OUTPUT chains.

The lallow feature has been completed, and will be in the next release.
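The chain semantics tony describes above, worked through as an added example. This is not StarOS code and the rule syntax it accepts ("ACTION SRC PROTO DPORT") is a hypothetical simplification for illustration; the only thing taken from the thread is the mapping of allow/deny to INPUT, OUTPUT and FORWARD, of ldeny/lallow to INPUT and OUTPUT only, and of log to a non-terminating LOG. The script prints the equivalent iptables commands instead of applying them, and then builds the policy Butch asked for: one lallow per management laptop (constructed sample addresses 192.168.0.250 through 192.168.15.250), a log rule, and a closing ldeny for ssh so that routed ssh through the box is untouched.

```sh
#!/bin/sh
# Added example, not StarOS code. Translates a hypothetical simplified rule
# "ACTION SRC PROTO DPORT" into the iptables commands matching the chain
# semantics described in the thread. Rules are printed, never executed.

# Print the iptables command(s) for one rule.
#   allow  -> ACCEPT in INPUT, OUTPUT and FORWARD (traffic to the host and transit traffic)
#   deny   -> DROP   in INPUT, OUTPUT and FORWARD
#   lallow -> ACCEPT in INPUT and OUTPUT only ("local": traffic to/from the router itself)
#   ldeny  -> DROP   in INPUT and OUTPUT only
#   log    -> LOG    in all three chains; LOG does not terminate, so later rules still decide
emit_rule() {
    action=$1 src=$2 proto=$3 dport=$4
    case $action in
        allow)  target=ACCEPT; chains="INPUT OUTPUT FORWARD" ;;
        deny)   target=DROP;   chains="INPUT OUTPUT FORWARD" ;;
        lallow) target=ACCEPT; chains="INPUT OUTPUT" ;;
        ldeny)  target=DROP;   chains="INPUT OUTPUT" ;;
        log)    target=LOG;    chains="INPUT OUTPUT FORWARD" ;;
        *) echo "unknown action: $action" >&2; return 1 ;;
    esac
    for chain in $chains; do
        # INPUT and FORWARD see the peer as the source; OUTPUT (replies) sees it as the destination.
        if [ "$chain" = OUTPUT ]; then
            echo "iptables -A OUTPUT -d $src -p $proto --sport $dport -j $target"
        else
            echo "iptables -A $chain -s $src -p $proto --dport $dport -j $target"
        fi
    done
}

# Butch's policy for ssh to the router: lallow each management laptop, log whatever
# is left, then ldeny it. Management host is .250 in each of 16 constructed /24s.
build_ssh_policy() {
    i=0
    while [ "$i" -lt 16 ]; do
        emit_rule lallow "192.168.$i.250" tcp 22
        i=$((i + 1))
    done
    emit_rule log   0.0.0.0/0 tcp 22   # logged, but the next rule decides the fate
    emit_rule ldeny 0.0.0.0/0 tcp 22   # only INPUT/OUTPUT: ssh routed through the box is unaffected
}

# Count emitted iptables commands from a generator function (helper for checks).
rule_count() {
    "$@" | grep -c '^iptables' || true
}

# Show the generated policy when run directly.
build_ssh_policy
```

Run it with `sh` and you get 37 iptables lines: 32 ACCEPTs for the management laptops (INPUT plus OUTPUT for each), three LOGs, and two DROPs. The FORWARD chain appears only in the log rule, which is exactly the distinction between deny and ldeny: a plain deny here would also drop ssh sessions being routed through the box.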

butchkemper
09-18-2005, 12:00 PM
Thank you for the future update to include a lallow rule.

Butch