undefined | Better HN

0 pointsmentat4y ago0 comments

What kind of firewall work didn't have default drop? Once you take that off the table you really do have a problem but I've only seen that one in 20 years of professional work.

0 comments

3 comments · 1 top-level

withinboredom4y ago· 2 in thread

I’ve had to do it fairly recently due to a lot of dynamic bridges and routing on the internal network vlan. I wanted to allow all traffic through the vlan from any device. However, wanted a default drop on the external interface.

X-Istence4y ago

Once you are working with VLAN's you are out of the bailiwick of consumer hardware, and you should be looking at more enterprise grade gear.

At that point having a default drop on the external interface and different rules for traffic traversing VLAN's is entirely possible, in fact that is what it is designed and built to do.

withinboredom4y ago

My consumer router has vlan support…

j / k navigate · click thread line to collapse