Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
userdoc:tt_firewall_overview [2020/05/13 15:49] mkeuter |
userdoc:tt_firewall_overview [2020/05/24 16:04] (current) abelbeck [Default Allowed Traffic Flow] |
||
|---|---|---|---|
| Line 12: | Line 12: | ||
| !!Note ->!! WireGuard and OpenVPN virtual networks are treated as LANs. | !!Note ->!! WireGuard and OpenVPN virtual networks are treated as LANs. | ||
| + | |||
| + | !!Note ->!! Using the DMZ requires at least one LAN defined. | ||
| ===== DMZ Traffic Flow ===== | ===== DMZ Traffic Flow ===== | ||
| Line 21: | Line 23: | ||
| - Allow DMZ->EXT (internet) | - Allow DMZ->EXT (internet) | ||
| - Allow LAN->DMZ (includes WireGuard and OpenVPN virtual LANs) | - Allow LAN->DMZ (includes WireGuard and OpenVPN virtual LANs) | ||
| + | - Allow Local-> | ||
| The DMZ makes a great place to place servers and LXC containers, isolated to your network and AstLinux box, but reachable from any LAN and AstLinux itself. | The DMZ makes a great place to place servers and LXC containers, isolated to your network and AstLinux box, but reachable from any LAN and AstLinux itself. | ||
| Line 31: | Line 34: | ||
| Pass DMZ-> | Pass DMZ-> | ||
| - | You may also want mDNS (UDP 5353) | + | You may also want mDNS ('' |
| - | To drop DMZ-> | + | To disable |
| Firewall sub-tab: | Firewall sub-tab: | ||
| Line 42: | Line 45: | ||
| For the Pi-Hole case, the DMZ is perfect. | For the Pi-Hole case, the DMZ is perfect. | ||
| + | |||
| + | |||
| + | ===== Firewall Plugins ===== | ||
| + | |||
| + | !!Related Info ->!! **[[userdoc: | ||
| + | \\ | ||
| + | ===== Firewall External Block List ===== | ||
| + | |||
| + | !!Related Info ->!! **[[userdoc: | ||
| + | \\ | ||