JRahm
Jun 07, 2006 (Admin)
Set up one network virtual server (0.0.0.0/0) with protocol TCP, binding only to your internal vlan:
virtual tcp_test-std_vip {
   destination any:any
   ip protocol tcp
   vlans internal enable
   rule tcp_forward-rule
}
And another for UDP:
virtual udp_test-std_vip {
   destination any:any
   ip protocol udp
   vlans internal enable
   rule udp_forward-rule
}
Now set up a network forwarding virtual server (0.0.0.0/0) with protocol 1 (ICMP), binding only to your internal vlan:
virtual icmp_test-fwd_vip {
   destination any:any
   ip forward
   ip protocol icmp
   vlans internal enable
}
And of course, the rules for the TCP/UDP forwarding:
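rule tcp_forward-rule {
   when CLIENT_ACCEPTED {
      # Forward only when the client-side TCP port is above 1024; drop everything else
      if { [TCP::client_port] > 1024 } {
         forward
      } else { discard }
   }
}
rule udp_forward-rule {
   when CLIENT_ACCEPTED {
      # Same check for UDP: client-side port above 1024 is forwarded, the rest discarded
      if { [UDP::client_port] > 1024 } {
         forward
      } else { discard }
   }
}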
Standard disclaimer...Untested!
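
An added illustration, not part of the post above and not BIG-IP code: a small Python model of which traffic this configuration would forward, useful for checking the boundary cases before loading it. It assumes the strict `> 1024` comparison exactly as written and reports traffic that matches none of the three virtual servers as having no listener; `Packet`, `verdict` and the sample packets are constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    vlan: str                           # VLAN the packet arrives on
    proto: str                          # "tcp", "udp", "icmp", ...
    client_port: Optional[int] = None   # client-side port; None for ICMP


def port_rule(pkt):
    # Mirrors: if { [TCP::client_port] > 1024 } { forward } else { discard }
    return "forward" if pkt.client_port > 1024 else "discard"


def always_forward(pkt):
    # The ICMP virtual is a plain "ip forward" listener with no iRule attached
    return "forward"


# (virtual name, ip protocol, enabled vlan, action) as configured in the post
LISTENERS = [
    ("tcp_test-std_vip", "tcp", "internal", port_rule),
    ("udp_test-std_vip", "udp", "internal", port_rule),
    ("icmp_test-fwd_vip", "icmp", "internal", always_forward),
]


def verdict(pkt):
    """Return (matching virtual or None, outcome) for one packet."""
    for name, proto, vlan, action in LISTENERS:
        if pkt.proto == proto and pkt.vlan == vlan:
            return name, action(pkt)
    return None, "no-listener"


# Constructed sample traffic covering the edge cases
SAMPLES = [
    Packet("internal", "tcp", 51514),   # ephemeral port: forwarded
    Packet("internal", "tcp", 1024),    # boundary: 1024 is NOT > 1024
    Packet("internal", "udp", 53),      # low client port: discarded
    Packet("internal", "icmp"),         # forwarded by the ICMP virtual
    Packet("external", "tcp", 51514),   # virtuals are enabled on internal only
    Packet("internal", "gre"),          # protocol not covered by any virtual
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, "->", verdict(p))
```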