I want to allow only 192.168.2.132 to access 8080 externally, and drop all other requests.
This 8080 is a port that forwards to the intranet, but it does not work with the settings below. Is there something I am doing wrong? Please forgive me for asking such a basic question.
# run show interfaces ethernet
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             192.168.1.78/24                   u/u  WAN
eth1             10.0.0.1/24                       u/u  LAN
[edit]
# show nat
destination {
    rule 10 {
        description 192.168.1.78:8080->10.0.0.100:80
        destination {
            address 192.168.1.78
            port 8080
        }
        inbound-interface eth0
        protocol tcp
        translation {
            address 10.0.0.100
            port 80
        }
    }
}
source {
    rule 100 {
        outbound-interface eth0
        source {
            address 10.0.0.0/24
        }
        translation {
            address masquerade
        }
    }
}
[edit]
# show firewall
name test-fw {
    default-action drop
    rule 1 {
        action accept
        state {
            established enable
            related enable
        }
    }
    rule 2 {
        action accept
        destination {
            port 8080
        }
        protocol tcp
        source {
            address 192.168.2.132
        }
    }
}
[edit]
vyos@route1# show interfaces ethernet eth0 firewall
in {
    name test-fw
}
local {
    name test-fw
}
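
Added example, not part of the original post: a small Python model of how the posted NAT rule 10 and `test-fw` interact. It assumes the netfilter ordering VyOS uses, in which destination NAT rewrites the packet before the interface's `in` ruleset sees it. `Packet`, `dnat`, `forward_verdict` and the `CORRECTED` ruleset are hypothetical names introduced for illustration.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:  # hypothetical model of a TCP packet arriving on eth0
    src: str
    dst: str
    dport: int
    state: str = "new"

# NAT destination rule 10 from the post: 192.168.1.78:8080 -> 10.0.0.100:80
DNAT_MATCH, DNAT_TO = ("192.168.1.78", 8080), ("10.0.0.100", 80)

# test-fw as posted: rule 1 (established/related), rule 2 (allow 192.168.2.132)
POSTED = [
    {"state": {"established", "related"}},
    {"src": "192.168.2.132", "dport": 8080},
]
# Hypothetical corrected rule 2: match the translated destination instead
CORRECTED = [
    POSTED[0],
    {"src": "192.168.2.132", "dst": "10.0.0.100", "dport": 80},
]

def dnat(pkt):
    """Rewrite the destination when the packet matches NAT rule 10."""
    if (pkt.dst, pkt.dport) == DNAT_MATCH:
        return replace(pkt, dst=DNAT_TO[0], dport=DNAT_TO[1])
    return pkt

def matches(rule, pkt):
    """A rule matches when every criterion it sets matches the packet."""
    if "state" in rule and pkt.state not in rule["state"]:
        return False
    return (ip_address(pkt.src) in ip_network(rule.get("src", "0.0.0.0/0"))
            and ip_address(pkt.dst) in ip_network(rule.get("dst", "0.0.0.0/0"))
            and rule.get("dport", pkt.dport) == pkt.dport)

def forward_verdict(ruleset, pkt):
    """Assumed order: DNAT first, then the 'in' ruleset, default-action drop."""
    pkt = dnat(pkt)
    return "accept" if any(matches(r, pkt) for r in ruleset) else "drop"

if __name__ == "__main__":
    client = Packet("192.168.2.132", "192.168.1.78", 8080)
    other = Packet("192.168.2.50", "192.168.1.78", 8080)  # constructed source
    for name, fw in (("posted", POSTED), ("corrected", CORRECTED)):
        print(name, forward_verdict(fw, client), forward_verdict(fw, other))
```

Forwarded packets are not evaluated by the `local` ruleset, which covers traffic addressed to the router itself.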