By default the traffic from blue to green is closed. This guide explains how to setup a blue to green pinhole. Please checkout out the firewall rules reference for further description.

How to set it up?

To create a new blue to green pinhole, go to the IPFire WebGUI menu Firewall > Firewall Rules and click on the New rule button.

Step 1 - Source

In the first section define the source network or source IP address from where the network packages will be sent. Restrict the access as best as you can by selecting a single host or group of hosts rather than a complete network.

Leave Use Network Address Translation (NAT) unchecked.

Step 2 - Destination

Pick the destination for your firewall rule. This again could be a single host or a complete network which needs to be accessed. Select it from the dropdown boxes or enter the IP address directly. Restrict the access as best as you can by selecting a single host.

Step 3 - Protocol

Pick one or more services that will be accessible on the machine or network you just choose. Selecting All here is also possible but may be a security risk. Lower the risk by picking a protocol and destination port.

Step 4 - Almost done!

Make sure that you select the ACCEPT option, so that all packets that match your rule are accepted by the firewall. Add a descriptive remark. Enable Activate rule and enable Log rule if needed. Then click Add (or Update).


Congratulations. You set up a Blue to Green Pinhole!