I’m trying to add firewall rules (just playing around with it to get to know how it works). My first goal is to block port 443.
I’ve attached my network topology so you’ll understand how it works (see: “MyNetwork.png”).
Basically, I have a VyOS router which has 2 interfaces: ETH0 goes out to the outside world (internet) and ETH1 goes into the inner network.
I’ve attached my firewall rules as a picture (there are only 3 rules there) and the idea is that because I don’t have a rule to accept port 443, it should be dropped by default. However, I can view it from the browser on one of the hosts.
- Because I have 2 interfaces (one for the outside world and one for the inside): how should I attach the firewall to the interfaces? Should “MonitorOutgoingData-Out” be on the “out” of ETH0 and “MonitorOutgoingData-In” be on the “in” of eth1? I would be happy to get an explanation of how it works (how do we know which interface to assign a firewall rule to, and should it be the “in”, “out” or “local”).