
Re: IP-Tables Question



On Fri, 28-01-2005 at 12:19 +0100, Omar wrote:
> Hello all,
>    My question is how do I restrict access for the IP address 
> 192.168.1.2 since it is a server, and it should not be able to access 
> the internet or be accessible from the internet.  It's a Windows2002 
> server, even though the gateway address is entered incorrectly it still 
> connects to the internet. But it should be accessible from the internal 
> network. Below you will find the iptables -L, route, and the 
> iptables.rules. This company has multiple locations, and each location 
> with its own IP 192.168.1.0 192.168.1.0 and so on...
                                      ^
I suppose that one is a typo? Or did you really configure every site on
the same subnet?

> So 192.168.1.2 should not reach the net, and should not be reachable 
> from the net, but it should be reachable from the internal network...

Run 

iptables -A FORWARD --source 192.168.1.2 -o eth0 -j REJECT

which is all it takes.

-- 
Wouter Verhelst
NixSys BVBA
Louizastraat 14, 2800 Mechelen
T:+32 15 27 69 50 / F:+32 15 27 60 51 / M:+32 486 836 198


