Suricata Schaubild: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 5: | Zeile 5: | ||
=Änderungen= | =Änderungen= | ||
==Firewall== | ==Firewall== | ||
| − | ;enp0s8 | + | ;enp0s8 172.31.31.1/24 |
| − | |||
;ip route add 10.0.101.0/24 via 172.31.31.2 | ;ip route add 10.0.101.0/24 via 172.31.31.2 | ||
;iptables -A FORWARD -s 172.31.31.2/24 -i $DMZDEV -o $WANDEV -m state --state NEW -j ACCEPT | ;iptables -A FORWARD -s 172.31.31.2/24 -i $DMZDEV -o $WANDEV -m state --state NEW -j ACCEPT | ||
;iptables -tnat POSTROUTING -s 172.31.31.2/24 -o $WANDEV -j MASQUERADE | ;iptables -tnat POSTROUTING -s 172.31.31.2/24 -o $WANDEV -j MASQUERADE | ||
Version vom 27. September 2022, 15:01 Uhr
Ohne IDS/IPS
Mit IDS/IPS
![Bearbeiten](javascript:editDrawio("1828585333", "ids.drawio.png", "png", false, false, false, true, "https://embed.diagrams.net")){kind=link}
![Bearbeiten](javascript:editDrawio("53172222", "ids-1.drawio.png", "png", false, false, false, true, "https://embed.diagrams.net")){kind=link}
Änderungen
Firewall
- enp0s8 172.31.31.1/24
- ip route add 10.0.101.0/24 via 172.31.31.2
- iptables -A FORWARD -s 172.31.31.2/24 -i $DMZDEV -o $WANDEV -m state --state NEW -j ACCEPT
- iptables -tnat POSTROUTING -s 172.31.31.2/24 -o $WANDEV -j MASQUERADE