|
||||||||
You first need to NAT then create an inbound rule for WAN. Mine looks like this: TCP * 1024 - 65535 192.168.10.3 80 (HTTP) NAT web server The only rule you could need for OPT1 is outbound but the docs state a case for not even having that. http://img.m0n0.ch/docbook/examples-dmz-lockdown.html Peter On Wed, 28 Sep 2005 16:57:04 +1000, Mark Wass wrote: > Hi All > > Fairly simple question, but I just want to check. > > I will have a server on the Opt1 interface with a real IP, this > server > will have a web service running on it. > > What I want to know is what rules do I have to create on the Opt1 > interface to allow web access? > > This is what I thought I may have to add > > Pass/Block Proto Source Port > Destination > Port > Pass TCP * * > X.X.X.X 80 > > Do I have to add another rule allowing traffic from the server from > port > 80 backout to the Internet? > > Also will I have to add any rules to allow access to this server > from > LAN interface? > > Thanks > > -------------------------------------------------------------------- > - > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |