editor
471
edits
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
m (clean up, typos fixed: adminitrator → administrator, eg → e.g. (2)) |
m (Add info about cli format of listing, and that one doesn't need an expr for addresses/blocks) |
||
First, identify or define a firewall service:
:expr list type=serv
:expr add name=plex type=serv proto=tcp dstport=32400
Identify your host (or netblock) (optional, you can enter srcip/dstip values in the rules as address/netmask):
:expr add name=myserv_v6 type=ip addr=2001:db8::dead:beef
:expr add name=allhosts_v6 type=ip addr=2001:db8::/64
Add the new rule to the forward_custom chain (you can use e.g.'name=inbound_ssh' to give the rule a name which will be shown in the rule list):
:firewall rule add chain=forward_custom srcintf=wan dstip=myserv_v6 serv=plex action=accept
:firewall rule add chain=forward_custom srcintf=wan dstip=allhosts_v6 serv=ssh action=accept
Show the rules:
:firewall rule list chain=forward_custom
Show the rules in the same format as used to enter them (handy for cut 'n paste):
:firewall rule list chain=forward_custom format=cli
Remove a rule:
:firewall rule delete chain=forward_custom index=1
(Thanks to the links above and extensive use of the router's built-in 'help' facility.)
|