Iptables converting problem
-
Hi everybody,
I'm new here and have a problem with this iptables issue.
I'm setting up a new server for filtering my network traffic. I'm using pfSense as my firewall and CentOS for my proxy + DansGuardian. In order to make it transparent, I have to put this rule in the firewall to make it work.
The problem is: how can I convert these iptables rules to ipfw rules?
#iptables -t mangle -A PREROUTING -j ACCEPT -p tcp --dport 80 -s 192.168.1.2
#iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp --dport 80
My pfSense firewall did not accept the iptables rule syntax.
Anyone, please help.
Thank you.
-
Umm… pfSense uses pf and not ipfw to filter traffic.
Afaik ipfw is only used for scheduled rules and the CP.
Also it's not such a good idea to add rules via the console.
The next time you reboot/reload the rules they will be gone.
Just add your rules via the GUI and they will stay.
-
Thanks for the reply…
All suggestions and comments will be useful for me.
If I'm using the GUI, where should I put the rule?
Is it in 'Firewall -> Rules -> LAN'? Sorry for the silly question.
In my network, I have multiple VLANs and all computers in every VLAN connect to the internet through a gateway server.
FYI: Internet --> Router --> Firewall --> Core switch --> Switch --> User.
Any suggestions? Thanks.
-
How are your VLANs set up?
Do you have a trunk interface to the pfSense machine?
Go to Interfaces --> assign and you can create VLANs on the interfaces.
Each VLAN will appear as a "virtual" interface.
Just don't mix untagged and tagged traffic on a single interface.
You create the rules under firewall --> rules.
If you work with VLANs you will have multiple (virtual) interfaces.
About the rules: http://forum.pfsense.org/index.php/topic,7001.0.html
-
Sorry for not coming to this forum for a long time…
My firewall interfaces were set as:
1. WAN
2. LAN (User in my network use this interface)
3. DMZ
4. SLAN (LAN for server)
So, what do you think?