kuckucksmuehle:hackerspace:firewall

Differences

kuckucksmuehle:hackerspace:firewall [2017/11/13 17:36] ecohack
kuckucksmuehle:hackerspace:firewall [2018/03/22 18:20] (current) – add information how to handle network disturbance kimparker
Line 7: Line 7:
  
  
-We have at the moment Debain running on a Z-Box (will be changed in the future). And configured the rules with "ferm":http://ferm.foo-projects.org/.+The firewall is APU with 3 gigabit network ports and Opnfsense as operating system.
  
-At the moment the router switches at night to the sateliteto use the flatrate of the satelite between 0:00-6:00  UTC + 1.+The network ports are named igb0igb1, igb2
  
 +igb0 is the uplink to the DSL network and has a dynamic IP address.
 +igb1 is the uplink to the SAT network and has a dynamic IP address.
 +igb2 is the interface to the network used by all clients in the premises and has a fixed IP address (192.168.1.1).
 +
 +==== DHCP Server ====
 +
 +The dhcp server is available on the igb2 network only and gives out dynamic addresses from 192.168.1.100 to 192.168.1.255 and fixed addresses from 192.168.1.10 to 192.168.1.99 .
 +
 +==== OpenVPN Client ====
 +
 +The OpenVPN client connects to a remote host tunnel all the traffic. When the VPN connection is up, all traffic gets forwarded through the VPN, when it is down, no traffic gets forwarded.
 +
 +==== Firewall Rules ====
 +
 +Firewall Rules are set in Opnfsense.
 +Outbound Nat Rules make sure that no traffic from the internal network is sent to the internet when the VPN is not up
 +
 +==== Handle Network Disturbances ====
 +
 +Sometimes it is required to check which device is responsible for traffic. In rare circumstances it is also required to shut that device off.
 +
 +  - Login to https://192.168.1.1
 +  - Open "Interfaces/Diagnostics/ARP Table" on a separate tab
 +  - Open "Reporting/Insight" on a separate tab
 +  - Open "Reporting/Traffic Graph", Select LAN
 +  - Find the device causing traffic, look up the IP in the arp-table (gives more info like manufacturer)
 +  - Open "Firewall/Traffic Shaper/Settings" -> Rules
 +  - Duplicate the BAD GUI rule and enter the IP address, name the new rule and click apply
  
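Review bot: the DHCP pool in the new text, 192.168.1.100 to 192.168.1.255, ends on what would be the broadcast address if igb2 is a /24 network (the hunk gives the router address 192.168.1.1 but no mask); if that is the case the usable upper bound is 192.168.1.254, and the page should state the mask so the range can be checked. Two smaller points in the same hunk: the interface list reads "igb0igb1, igb2" and is missing a comma, and the operating system is written "Opnfsense" twice where the project's name is OPNsense. In the OpenVPN and Firewall Rules paragraphs the kill-switch behaviour ("when it is down, no traffic gets forwarded") is attributed only to the outbound NAT rules; it would help a future maintainer to also name the firewall rule on igb2 that blocks forwarding while the tunnel is down, since a missing NAT match on its own does not document what actually drops the traffic.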
  • kuckucksmuehle/hackerspace/firewall.1510590974.txt.gz
  • Last modified: 2017/11/13 17:36
  • by ecohack