A trust level (sometimes also referred to as a ‘realm’) is a descriptive attribute for grouping and identifying networks easier that belong to a specific class.
Trust levels can be configured and inspected in the related configuration window for IP addresses and networks if Barracuda Firewall Admin is set to run in Advanced Mode.
IP addresses or networks labeled with Trusted or DMZ can also be inspected at CONFIGURATION > Configuration Tree > Assigned Services > Firewall > Forwarding Rules, under the categories DYNAMIC and STATIC.
If you want to list configured trust levels via the command line, you have the following options:
List the Membership of All Configured IP Addresses and Networks with their Related Trust Levels
Perform the following steps:
Log into your firewall.
Log into SSH.
In the console window, enter the following command:
ip r
If configured, the console window will display an output similar to this:
[root@FW:~]# ip r 10.17.94.0/24 dev eth0 scope link src 10.17.94.74 realm trusted 127.0.0.9 dev lo scope link src 127.0.0.9 realm trusted 172.16.0.0/24 dev eth3 scope link src 172.16.0.10 realm dmz
Determine the Membership of IP Addresses or Networks for a Certain Trust Level
Example #1: To list all entries for the trust level Trusted, perform the following steps:
Log into your firewall.
Log into SSH.
In the console window, enter the following command:
ip r s realm trusted
If configured, the console window will display an output similar to this:
[root@FW:~]# ip r s realm trusted 10.17.94.0/24 dev eth0 scope link src 10.17.94.74 realm trusted 127.0.0.9 dev lo scope link src 127.0.0.9 realm trusted
Example #2: To list all entries for the trust level ‘DMZ’, perform the following steps:
Log into your firewall.
Log into SSH.
In the console window, enter the following command:
ip r s realm dmz
If configured, the console window will display an output similar to this:
[root@FW:~]# ip r s realm dmz 172.16.0.0/24 dev eth3 scope link src 172.16.0.10 realm dmz