User Tools

Site Tools


docs:guide-user:firewall:fw3_configurations:fw3_ref_topo

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
docs:guide-user:firewall:fw3_configurations:fw3_ref_topo [2018/09/16 12:49]
bobafetthotmail ↷ Page moved from inbox:firewall:fw3_configurations:fw3_ref_topo to docs:guide-user:firewall:fw3_configurations:fw3_ref_topo
docs:guide-user:firewall:fw3_configurations:fw3_ref_topo [2018/09/18 21:24] (current)
dturvene
Line 12: Line 12:
 **MAIN** is configured to bridge all LAN-side traffic as the default ''​br-lan''​ interface **MAIN** is configured to bridge all LAN-side traffic as the default ''​br-lan''​ interface
 on the ''​192.16.3.0/​24''​ network. ​ See on the ''​192.16.3.0/​24''​ network. ​ See
-[[inbox:​firewall:​fw3_network#​lan-bridge|lan bridge]] for a description of this.+[[docs:​guide-user:​firewall:​fw3_network#​lan-bridge|lan bridge]] for a description of this.
 **MAIN** handles all the internal stations using the  **MAIN** handles all the internal stations using the 
 ''​192.168.3.0/​24''​ network, mostly WLAN stations but several wired ethernet ''​192.168.3.0/​24''​ network, mostly WLAN stations but several wired ethernet
Line 19: Line 19:
   * **MAIN** is the OpenWrt production router,   * **MAIN** is the OpenWrt production router,
   * **STA1** is a linux laptop from where most of testing is initiated,   * **STA1** is a linux laptop from where most of testing is initiated,
-  * **DUT** is the OpenWrt ''​Device Under Test''​ router wired to one of the **MAIN** ethernet ports,+  * **DUT** is the OpenWrt ''​Device Under Test''​ router wired to one of the **MAIN** ​802.3 ethernet ports,
   * **STA2** is a linux laptop,   * **STA2** is a linux laptop,
-  * **STA-printer** is an HP printer ​wired to a DUT ethernet port, +  ​* **STA3** and **STA4** are 802.11 wifi devices (tablet, phone, etc.) 
-  * **STA-server** is a linux desktop wired to a DUT ethenet ​port.+  ​* **STA-server1** is a linux server ​wired to a DUT 802.3 ethernet port in vlan 102
 +  * **STA-server2** is a linux desktop wired to a DUT 802.3 ethernet ​port in vlan 103.
  
 Unless otherwise noted, an IPv4 address is assigned using DHCP. Unless otherwise noted, an IPv4 address is assigned using DHCP.
  
 **MAIN** is provisioned with a static lease added for **DUT** so the **DUT** **MAIN** is provisioned with a static lease added for **DUT** so the **DUT**
-will always gets the same IP address: ''​192.168.3.11''​.  ​A static route to the +will always gets the same IP address: ''​192.168.3.11''​.  ​Static routes ​to the 
-**DUT** network must also be added to the **MAIN** routing table so **STA1** can +**DUT** network(s) must also be added to the **MAIN** routing table so **STA1** can 
-communicate with **STA2**.  See [[docs:​guide-user:​network:​ipv4:​start|ipv4 configuration]]+communicate with devices in vlan 102 and vlan 103.  ​ 
 +See [[docs:​guide-user:​network:​ipv4:​start|ipv4 configuration]]
 for provisioning static routes. for provisioning static routes.
  
Line 35: Line 37:
 the ''​192.168.10.0/​24''​ network for basic firewall testing. the ''​192.168.10.0/​24''​ network for basic firewall testing.
 ''​eth0.103''​ has a single wired ethernet port using the ''​192.168.30.0/​24''​ network for ''​eth0.103''​ has a single wired ethernet port using the ''​192.168.30.0/​24''​ network for
-[[inbox:​firewall:​fw3_configurations:​fw3_dmz|DMZ]] testing.+[[docs:​guide-user:​firewall:​fw3_configurations:​fw3_dmz|DMZ]] testing.
  
 The reference topology allows firewall rules to be modified on The reference topology allows firewall rules to be modified on
Line 50: Line 52:
 when is forwarded but expect it to be rejected or dropped. when is forwarded but expect it to be rejected or dropped.
  
-{{ :​media:​firewall-test-topov3.png?​direct&​800 }}+{{ :​media:​firewall-test-topov4.png?​direct&​800 }}
  
docs/guide-user/firewall/fw3_configurations/fw3_ref_topo.1537102142.txt.gz · Last modified: 2018/09/16 12:49 by bobafetthotmail