Adding exception rules for traffic generated by the Smoothwall Filter and Firewall

Note: If IP address spoofing is turned on for any Smoothwall Filter web proxy authentication policy (see our help topic, Creating authentication policies), the LLB pool configured here isn't applied to local spoofed traffic because it's not seen as coming from the Smoothwall Filter.

Prerequisite

For each proxy service, select the default interface to use for traffic generated by the Smoothwall:

  1. On the NETWORK menu, under the Configuration submenu, click Source NAT & LLB rules.
  2. Under the Local traffic section, for each service, from the list, select the appropriate load balancing pool to use and click Save changes.

Procedure

  1. On the NETWORK menu, under the Configuration submenu, click Source NAT & LLB rules.
  2. Under the Source NAT rules section, click Add rule. Otherwise, find the rule that you want to place the new rule before or after, place your mouse cursor over the rule, click Add and then select either Rule above or Rule below.
  3. Select the Source IP addresses and Destination IP addresses where traffic is received from as identified in the network packet and click Add. Otherwise, leave blank to source NAT traffic for all IP addresses.
    • To add a new object or group directly, click Create and select the Type that you want to add, enter the Name, Address or select the Address objects and enter a descriptive Comment, and then click Add item.
    • To remove the object or group, click next to the IP address that you want to remove.
  4. Select the Services for this rule and click Add. Otherwise, leave blank to include all services.
    • To add a new service or group directly, click Create and select the Type that you want to add, enter the Name, Protocol and Port, or select the Service and click Add. Enter a descriptive Comment, and then, click Add item.
    • To remove the service or group, click next to the service that you want to remove.
  5. Choose the relevant source NAT (SNAT) behavior:
    • To use a link load balancing pool to hide the source IP address of the network device behind the external IP address of the Smoothwall Filter and Firewall, select the SNAT using a Link Load Balancing pool option and from the Link Load Balancing pool or Local IP address list, select the LLB pool.
    • To preserve the source IP address to make the network device's IP address available, select the Preserve the original source IP option and from the Gateway list, select the relevant gateway to route traffic. If you've more than one gateway configured, make sure that you select a gateway, don't select Automatic.
  6. Enter a descriptive Comment and click Save changes.

Follow-up tasks

  • To edit a source NAT rule, under the Source NAT rules section, place your mouse cursor over the rule that you want to amend and click Edit, make any changes and click Save changes.
  • To reorder the source NAT rules, under the Source NAT rules section, place your mouse cursor over the rule that you want to move, click it and drag the rule to the new position, and then click Save.
  • To delete a source NAT rule, under the Source NAT rules section, place your mouse cursor over the rule that you want to delete and click Delete.