10 Sep
2003
10 Sep
'03
09:03
Thanks, that helped. I tried this before, but only on the INPUT chain. Too busy to see the obvious :-] However, adding a ruleset for the INPUT chain is still necessary to protect the interfaces on the router itself, as these are not handled by the FORWARD chain. Bye, Holger Am Dienstag, 9. September 2003 08:40 schrieb BLeonhardt@analytek.de:
Hi,
a rule like
iptables -A FORWARD -i eth0 -s 192.168.0.0/16 -d 172.16.0.0/16 -j DROP iptables -A FORWARD -i eth0 -s 172.16.0.0/16 -d 192.168.0.0/16 -j DROP
wouldn't work ?
Mit freundlichen Grüßen / Best regards Bruno Leonhardt
LPI Level 1 Certified Watchguard Certified System Professional CLP Domino R5 Systemadministrator