Best Practice - How to List Configured Trust Levels for IP Addresses and Networks

A trust level (sometimes also referred to as a ‘realm’) is a descriptive attribute that makes it easier to group and identify networks that belong to a specific class.

Trust levels can be configured and inspected in the related configuration window for IP addresses and networks if Barracuda Firewall Admin is set to run in Advanced Mode.

IP addresses or networks labeled with Trusted or DMZ can also be inspected at CONFIGURATION > Configuration Tree > Assigned Services > Firewall > Forwarding Rules, under the categories DYNAMIC and STATIC.

If you want to list configured trust levels via the command line, you have the following options:

List the Membership of All Configured IP Addresses and Networks with their Related Trust Levels

Perform the following steps:

  1. Log into your firewall.

  2. Log into SSH.

  3. In the console window, enter the following command: ip r

  4. If configured, the console window will display an output similar to this:

    [root@FW:~]# ip r
    10.17.94.0/24 dev eth0 scope link src 10.17.94.74 realm trusted
    127.0.0.9 dev lo scope link src 127.0.0.9 realm trusted
    172.16.0.0/24 dev eth3 scope link src 172.16.0.10 realm dmz

Determine the Membership of IP Addresses or Networks for a Certain Trust Level

Example #1: To list all entries for the trust level Trusted, perform the following steps:

  1. Log into your firewall.

  2. Log into SSH.

  3. In the console window, enter the following command: ip r s realm trusted

  4. If configured, the console window will display an output similar to this:

    [root@FW:~]# ip r s realm trusted
    10.17.94.0/24 dev eth0 scope link src 10.17.94.74 realm trusted
    127.0.0.9 dev lo scope link src 127.0.0.9 realm trusted

Example #2: To list all entries for the trust level ‘DMZ’, perform the following steps:

  1. Log into your firewall.

  2. Log into SSH.

  3. In the console window, enter the following command: ip r s realm dmz

  4. If configured, the console window will display an output similar to this:

    [root@FW:~]# ip r s realm dmz
    172.16.0.0/24 dev eth3 scope link src 172.16.0.10 realm dmz
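
The listings above can be turned into a repeatable audit. The following is an added example, not part of the original article or of Barracuda's tooling: it reduces `ip r` output to prefix/realm pairs and reports every deviation from a baseline file of intended trust levels. The 192.168.200.0/24 route, the baseline contents and the function names are constructed for illustration; it assumes a POSIX shell with awk, sort and mktemp, so it can also be run on an admin workstation against saved output.

```shell
#!/bin/sh
# Added example: audit realm (trust level) labels in `ip r` output.

# Constructed sample: the three routes from the listing above plus one
# hypothetical route (192.168.200.0/24) so the audit has something to report.
sample_routes() {
cat <<'EOF'
10.17.94.0/24 dev eth0 scope link src 10.17.94.74 realm trusted
127.0.0.9 dev lo scope link src 127.0.0.9 realm trusted
172.16.0.0/24 dev eth3 scope link src 172.16.0.10 realm dmz
192.168.200.0/24 dev eth2 scope link src 192.168.200.1 realm trusted
EOF
}

# Reduce `ip r` output on stdin to "<prefix> <realm>"; "-" means no realm.
realm_map() {
    awk '{
        r = "-"
        for (i = 2; i < NF; i++) if ($i == "realm") r = $(i + 1)
        print $1, r
    }'
}

# Compare a realm map on stdin with a baseline file of "<prefix> <realm>"
# lines and print every deviation, sorted.
realm_drift() {
    awk '
        FILENAME == ARGV[1] { want[$1] = $2; next }
        { seen[$1] = 1 }
        !($1 in want)   { print "UNEXPECTED", $1, $2; next }
        want[$1] != $2  { print "CHANGED", $1, want[$1] "->" $2 }
        END { for (p in want) if (!(p in seen)) print "MISSING", p, want[p] }
    ' "$1" - | sort
}

# Demo with a constructed baseline (intended labels, assumed for this example).
demo() {
    baseline=$(mktemp)
    cat > "$baseline" <<'EOF'
10.17.94.0/24 trusted
127.0.0.9 trusted
172.16.0.0/24 dmz
192.168.200.0/24 dmz
10.99.0.0/24 dmz
EOF
    sample_routes | realm_map | realm_drift "$baseline"
    rm -f "$baseline"
}

demo
```

On a live system, feed the real routing table in place of the sample: `ip r | realm_map | realm_drift baseline.txt`. A `CHANGED` line where a network moved from dmz to trusted is the finding that most warrants a look at the configuration.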