gcooper at sonoracomm.com
Mon Oct 13 20:48:17 CEST 2014
You mean ETH1, right?
In previous situations, I have added simple firewall rules to block
10.0.0.0/8 from 10.0.0.0/8. You might need to specify source or
destination interfaces, or whatever to make the rules more granular if
you need to, but that will mean you need more rules.
Also, drop 192.168.0.0/24 from 10.0.0.0/8 plus 10.0.0.0/8 from
There's probably a better way and I'm no firewall expert, but it's
simple and works. If there is a better way, I'd like to know too. ;-)
On 10/13/2014 08:05 AM, Morten wrote:
> I have six NICs in a server that I will use as a firewall/router.
> They are set up like this:
> eth0: 192.168.1.0/24
> eth1: dhcp (external / internet)
> eth2: 10.0.0.0/24
> eth3: 10.0.1.0/24
> eth4: 10.0.2.0/24
> eth5: 10.0.3.0/24
> eth6: 10.0.4.0/24
> I don't want any of the internal networks to be able to reach each
> other, but they should be able to connect to internet through eth2.
> How should I set up the configuration file correctly?
Sonora Communications, Inc.
1215 E. Pennsylvania Street
Tucson, AZ 85714
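
The isolation discussed in this thread, written as plain iptables FORWARD rules keyed on interface rather than on address range. This is an added example, not part of the original messages and not Arno's firewall configuration syntax. It assumes eth1 is the external interface and the other interfaces listed in the question are internal; the function name is hypothetical, the script only prints the commands for review, and NAT is left to the existing setup.

```shell
#!/bin/sh
# Added example: prints iptables commands for review, it does not apply them.
# Interface names are taken from the layout in the question; eth1 as the
# external interface is an assumption based on "eth1: dhcp (external / internet)".
WAN_IF="eth1"
LAN_IFS="eth0 eth2 eth3 eth4 eth5 eth6"

# gen_isolation_rules WAN LAN1 LAN2 ...   (hypothetical helper name)
gen_isolation_rules() {
    wan="$1"
    shift
    # Replies to connections that internal hosts opened towards the internet.
    echo "iptables -A FORWARD -i $wan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for src in "$@"; do
        for dst in "$@"; do
            # Traffic inside one subnet never crosses the router, skip it.
            if [ "$src" = "$dst" ]; then
                continue
            fi
            # One explicit drop per ordered pair of internal interfaces.
            echo "iptables -A FORWARD -i $src -o $dst -j DROP"
        done
        # Each internal network may still go out through the external NIC.
        echo "iptables -A FORWARD -i $src -o $wan -j ACCEPT"
    done
    # Anything not matched above is not forwarded (for example new
    # connections arriving from the external side).
    echo "iptables -A FORWARD -j DROP"
}

# Print the rule set for the layout in the question.
# shellcheck disable=SC2086  # word splitting of LAN_IFS is intended
gen_isolation_rules "$WAN_IF" $LAN_IFS
```

Because the rules match on interfaces, a new 10.x subnet on an existing NIC is covered without adding address-based rules.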