Dear Gerhard,

surf to: http://iptables-tutorial.frozentux.net/chunkyhtml/targets.html
There it is described how the rules are built. You want a very restricted router: DROP all packets, except for the specified ones. For your example it would be something like:

> but i want to regulate, that WKS_A from LAN_A can communicate with WKS_1 from LAN_B

iptables -P FORWARD DROP    # Drop all
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT    # Let replies to allowed connections back through
iptables -A FORWARD -s [IP-Adr. WKS_A] -d [IP-Adr. WKS_1] -j ACCEPT    # BUT forward this to this

I think that's all..

Grz
Uwe

Grutsch, Gerhard wrote:
I have got:
network A with IP address space 192.168.x.x (this side also connects to the internet)
network B with IP address space 10.x.x.x (my internal LAN)
and a router which is a Linux box to connect the 2 LANs via routing.

So far so good, the traffic is running between the 2 networks, since I configured the routes on both networks.
-----------                              -----------
|  LAN A  |------------ROUTER------------|  LAN B  |
-----------                              -----------
My problem is though, I have no restrictions! I know the first few commands like: iptables -P FORWARD DROP, but I want to regulate that WKS_A from LAN_A can communicate with WKS_1 from LAN_B but not with WKS_2 from LAN_B. Or that WKS_1 on LAN_A is allowed to use SSH and nothing else, but WKS_2 on LAN_A can use all TCP/IP services...
Thanx a lot in advance
Gerhard Grutsch
Support services
Tel : 089/55878-151
Mobile : 0172-8391368
E-mail : ggrutsch@statestreet.com
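
The three restrictions asked about in this thread (one LAN A host to one LAN B host, one host limited to SSH, one host allowed all TCP), written as an iptables-restore ruleset with a default-drop FORWARD chain. This is an added example, not part of either message; the variable names and every address are constructed placeholders, and it assumes the SSH-only and all-TCP hosts are restricted toward LAN B.

```shell
#!/bin/sh
# Added example. Every address below is a constructed placeholder.
A_WKS_A=192.168.1.10   # LAN A host that may reach B_WKS_1 and no other LAN B host
A_WKS_1=192.168.1.11   # LAN A host that may use SSH only
A_WKS_2=192.168.1.12   # LAN A host that may use any TCP service
B_WKS_1=10.0.0.11      # LAN B host reachable from A_WKS_A
LAN_B=10.0.0.0/8       # the internal LAN

# Print the FORWARD chain in iptables-restore format.
# Rules are checked top to bottom; anything unmatched hits the DROP policy.
# The ESTABLISHED,RELATED rule passes replies, so only the initiating
# direction needs an ACCEPT rule. Connections opened from LAN B toward
# LAN A match nothing here and stay blocked.
forward_ruleset() {
    cat <<EOF
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -s $A_WKS_A -d $B_WKS_1 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -s $A_WKS_1 -d $LAN_B -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -s $A_WKS_2 -d $LAN_B -p tcp -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for review. On the router, as root:
#   forward_ruleset | iptables-restore --test      # parse only, change nothing
#   forward_ruleset | iptables-restore --noflush   # load without flushing other rules
forward_ruleset
```

Traffic from A_WKS_A to a second LAN B host needs no explicit deny rule: it matches none of the ACCEPT lines and falls through to the DROP policy.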