It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Best Practice - How to List Configured Trust Levels for IP Addresses and Networks

  • Last updated on

A trust level (sometimes also referred to as a ‘realm’) is a descriptive attribute for grouping and identifying networks easier that belong to a specific class.

Trust levels can be configured and inspected in the related configuration window for IP addresses and networks if Barracuda Firewall Admin is set to run in Advanced Mode.

IP addresses or networks labeled with Trusted or DMZ can also be inspected at CONFIGURATION > Configuration Tree > Assigned Services > Firewall > Forwarding Rules, under the categories DYNAMIC and STATIC.

If you want to list configured trust levels via the command line, you have the following options:

List the Membership of All Configured IP Addresses and Networks with their Related Trust Levels

Perform the following steps:

  1. Log into your firewall.

  2. Log into SSH.

  3. In the console window, enter the following command: ip r

  4. If configured, the console window will display an output similar to this:

    [root@FW:~]# ip r
    10.17.94.0/24 dev eth0 scope link src 10.17.94.74 realm trusted 
    127.0.0.9 dev lo scope link src 127.0.0.9 realm trusted 
    172.16.0.0/24 dev eth3 scope link src 172.16.0.10 realm dmz

Determine the Membership of IP Addresses or Networks for a Certain Trust Level

Example #1: To list all entries for the trust level Trusted, perform the following steps:

  1. Log into your firewall.

  2. Log into SSH.

  3. In the console window, enter the following command: ip r s realm trusted

  4. If configured, the console window will display an output similar to this:

    [root@FW:~]# ip r s realm trusted
    10.17.94.0/24 dev eth0 scope link src 10.17.94.74 realm trusted 
    127.0.0.9 dev lo scope link src 127.0.0.9 realm trusted

Example #2: To list all entries for the trust level ‘DMZ’, perform the following steps:

  1. Log into your firewall.

  2. Log into SSH.

  3. In the console window, enter the following command: ip r s realm dmz

  4. If configured, the console window will display an output similar to this:

    [root@FW:~]# ip r s realm dmz
    172.16.0.0/24 dev eth3 scope link src 172.16.0.10 realm dmz