On 27/10/2016 at 13:36, Pol Hallen wrote:
> I've 2LAN (192.168.1/24 and 192.168.2/24) with these rules:
Please be more precise. Iptables rules are created on nodes (hosts and
routers), not networks.
> iptables -A FORWARD -s 192.168.1/24 -d 0/0 -j ACCEPT
> iptables -A FORWARD -m state --state E
On Thu, Oct 27, 2016 at 01:36:23PM +0200, Pol Hallen wrote:
> Hello all :-)
>
> I've 2LAN (192.168.1/24 and 192.168.2/24) with these rules:
>
> iptables -A FORWARD -s 192.168.1/24 -d 0/0 -j ACCEPT
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -d 192.168.1/24 -j
> ACCEPT
>
> and same
iptables -A FORWARD -s 192.168.2/24 -d 192.168.1/24 -m conntrack \
--ctstate NEW -m comment --comment 'lan2 cannot see lan1' -j DROP
[...]
cheers! :-p
Pol
Hi.
On Thu, Oct 27, 2016 at 01:36:23PM +0200, Pol Hallen wrote:
> Hello all :-)
>
> I've 2LAN (192.168.1/24 and 192.168.2/24) with these rules:
>
> iptables -A FORWARD -s 192.168.1/24 -d 0/0 -j ACCEPT
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -d 192.168.1/
Hello all :-)
I've 2LAN (192.168.1/24 and 192.168.2/24) with these rules:
iptables -A FORWARD -s 192.168.1/24 -d 0/0 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -d 192.168.1/24
-j ACCEPT
and same rules for 192.168.2/24: this allows each LAN to see the other LAN.
Can I deny onl