Thanks guys, I think I'm up and going now. And yes, I'll be reading more into the docs to make sure I'm not opening myself up for something. HAND! David On Friday 25 August 2006 16:02, Chris Wagner wrote: > At 02:53 PM 8/25/2006 -0600, David Bishop wrote: > >*don't* want traffic from 192.168.1.x (the cafe) to be routed to 10.0.0.x > > (my lan), just out through my broadband connection. How do I do that? > > Do u mean that u don't want people from the cafe to be able to access ur > private LAN? In that case just have iptables dump anything from the 192 > network destined for the 10 network. Apply it to the interface that the > 192 comes in on. > > base, crude example: > iptables -N cafe > iptables -A cafe -i eth3 -s ! 192.168.1.0/24 -j DROP > iptables -A cafe -i eth3 -d 10.0.0.0/8 -j DROP > > http://www.netfilter.org/documentation/index.html#documentation-howto > > > > > > > -- > REMEMBER THE WORLD TRADE CENTER ---=< WTC 911 >=-- > "...ne cede malis" > > 00000100
Attachment:
pgpa3ZddWCkDY.pgp
Description: PGP signature