On 6/7/06, Claudio Castro <ccastro at unr dot edu dot ar> wrote:
>
> If the traffic goes from the LAN to the DMZ, the traffic is
> entering the DMZ interface...that's what I think...I may be wrong.
>

Going from the LAN to the DMZ. That's entering the LAN interface, exiting the DMZ interface. To put it another way, it's the interface where the traffic originates.

> Anyway, so to stop this I would have to set a rule in the LAN interface
> to block any default traffic that is not affected by any other rule right?
>

Yes, modify your LAN rules appropriately to permit or deny as desired. If you're going to leave the default permit any rule there, you'll have to put a reject or block rule above that rule (first matching rule applies).

-Chris
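The two points in the reply above (rules are checked on the interface where the traffic enters, and the first matching rule applies) as a small model, added here as an illustration and not part of the original message or any firewall's own code. The subnets, rule notes and the `evaluate` helper are constructed, and the deny when no rule matches is an assumption of the model.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str   # "pass", "block" or "reject"
    src: str      # source network in CIDR form
    dst: str      # destination network in CIDR form
    note: str = ""

def evaluate(rulesets, in_iface, src_ip, dst_ip):
    """Return (action, note) of the first matching rule on the ingress interface.

    Only the rule list of the interface the packet enters on is consulted.
    If no rule matches, the model denies the packet (assumption).
    """
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in rulesets.get(in_iface, []):
        if src in ipaddress.ip_network(rule.src) and dst in ipaddress.ip_network(rule.dst):
            return rule.action, rule.note   # first match wins, later rules are ignored
    return "block", "no rule matched"

# Constructed sample networks and rules.
LAN_NET, DMZ_NET, ANY = "192.168.1.0/24", "192.168.2.0/24", "0.0.0.0/0"
default_permit = Rule("pass", LAN_NET, ANY, "default permit any")
block_dmz = Rule("block", LAN_NET, DMZ_NET, "block LAN to DMZ")

# Mistake 1: block rule placed on the DMZ interface; LAN traffic never reaches it.
wrong_interface = {"LAN": [default_permit], "DMZ": [block_dmz]}
# Mistake 2: block rule on LAN but below the default permit; it is shadowed.
wrong_order = {"LAN": [default_permit, block_dmz], "DMZ": []}
# Working layout: block rule on LAN, above the default permit.
correct = {"LAN": [block_dmz, default_permit], "DMZ": []}

def lan_to_dmz(rulesets):
    """Action applied to a constructed LAN host talking to a constructed DMZ host."""
    return evaluate(rulesets, "LAN", "192.168.1.10", "192.168.2.20")[0]

if __name__ == "__main__":
    for name, rs in [("wrong_interface", wrong_interface),
                     ("wrong_order", wrong_order),
                     ("correct", correct)]:
        print(f"{name:16} LAN->DMZ: {lan_to_dmz(rs)}")
    # Other LAN traffic is still permitted in the working layout.
    print("correct          LAN->elsewhere:",
          evaluate(correct, "LAN", "192.168.1.10", "203.0.113.5")[0])
```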