To save time and repetition when configuring various aspects of your Smoothwall network infrastructure, you can create address objects and object groups.
An address object is made of either a single IP address, an IP address range, or an IP subnet. You can't have a combination of these in an IP address object. To do this, you must create an address object for each type, then create an address object group containing those objects.
For example, if you create multiple rules to the same set of servers, you can reduce duplication by creating an address object made up of those server IP addresses. You can then create an address object group containing the server's address object, and any client addresses in the same subnet.
Default address objects are indicated by italic text in the Address object manager table. You can't edit default address objects, but they can be used to make new, additional address object groups. The following address objects are provided by default:
- Internal networks
- All individual interfaces that aren't reached through an external interface, that is, basic interfaces, VLAN interfaces.
- Any configured VPNs and other static routes that are reached through an external interface.
- Any DHCP/PPPoE DNS servers
- Any automatically detected DNS server (using the Smoothwall’s configuration).
- Remote IP address of <PPPoE_interface>
- DNS server(s) on PPPoE connection <PPPoE_interface>
where PPPoE_interface is the configured name of the PPPoE connection. You can't see this pool if a PPPoE interface isn't configured on your Smoothwall, see our help topic, Adding new interface connections.
where PPPoE_interface is the configured name of the PPPoE connection. You can't see this pool if a PPPoE interface isn't configured on your Smoothwall.
You can either create new address objects on the Address object manager page or you can add new address objects "as you go" while adding Smoothwall Firewall rules.
You can also create nested address objects, that is, several child-address objects under a parent address object. For example, in a corporate environment, you can create an address object for each subnet or team, linked to a parent address object for each building or branch. You can create each address object separately or create the whole structure at the same time.