20 Nov
2002
20 Nov
'02
12:18
On Wednesday 20 November 2002 11:48, Frédéric Poulet wrote:
Is it a problem if i have FW_FORWARD=[IP SERVER IN DMZ]/[ADREES INTERN NETWORK],tcp,1:65535 for the security ?
I think you should rather use FW_SERVICES_INT_{TCP,UDP} and specify FW_TRUSTED_NETS. Make sure that the machines in the internal network is physically unreachable from the internet using other routes than through your FW machine. -- Ch