LinuxQuestions.org
Old 10-09-2009, 01:00 PM   #1
driftwoodash
LQ Newbie
 
Registered: Oct 2009
Posts: 3

Rep: Reputation: 0
iptables - how to prevent forwarding between interfaces?


Hi,

I have a scenario where I have 3 IP interfaces - eth0, eth1 and eth2. My default route always points to either eth0 or eth1. I want IP traffic from eth2 never to use the default route. In other words, whenever I don't have a specific match on packets from eth2, I want them to be dropped instead of using the default route. Can someone suggest how I can use iptables to do this?

As an alternative I can even live with a policy that prevents any forwarding between eth0 and eth2 and between eth1 and eth2 completely.

Would something like this work?

iptables -A FORWARD -i eth2 -o eth0 -d ! 192.168.1.0/24 -j DROP
iptables -A FORWARD -i eth2 -o eth1 -d ! 192.168.2.0/24 -j DROP

where 192.168.1.0/24 is eth0's subnet and 192.168.2.0/24 is eth1's subnet.

TIA

Last edited by driftwoodash; 10-09-2009 at 01:23 PM.
 
Old 10-10-2009, 09:25 AM   #2
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
The best way would be to drop everything first, then only allow the forwarding on the interfaces you want.


Quote:
iptables -P FORWARD DROP
iptables -A FORWARD -i eth0 -o eth1 -s 192.168.1.0/24 -j ACCEPT
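
An added example, not part of either post: a shell function that prints an iptables-restore ruleset combining the default-DROP FORWARD policy from the answer with the per-interface eth2 restrictions from the question. The function name, its IFACE=CIDR argument format and the conntrack rules are assumptions of this example; interface names and subnets are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example, not from the thread: print an iptables-restore ruleset that
# combines the default-DROP FORWARD policy with per-interface rules for eth2.
# Interface names and subnets are the ones quoted in the thread.

# gen_forward_rules [IFACE=CIDR ...]   (hypothetical helper)
#   Each argument lets eth2 open new flows out of IFACE (eth0 or eth1) to CIDR.
#   With no arguments eth2 is not forwarded anywhere.
#   Output goes to stdout only; the live firewall is not modified.
gen_forward_rules() {
    for pair in "$@"; do                      # validate before printing anything
        case "$pair" in
            eth[01]=*.*.*.*/*) ;;
            *) echo "bad argument: $pair (want eth0=CIDR or eth1=CIDR)" >&2
               return 1 ;;
        esac
    done
    echo '*filter'
    echo ':INPUT ACCEPT [0:0]'                # only FORWARD is restricted here
    echo ':FORWARD DROP [0:0]'                # same effect as: iptables -P FORWARD DROP
    echo ':OUTPUT ACCEPT [0:0]'
    # Reply packets of flows that a NEW rule below already accepted.
    echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for pair in "$@"; do
        iface=${pair%%=*}
        cidr=${pair#*=}
        echo "-A FORWARD -i eth2 -o $iface -d $cidr -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Explicit rule so `iptables -L FORWARD -v` shows a packet counter for
    # eth2 traffic that would otherwise have left via the default route.
    echo '-A FORWARD -i eth2 -j DROP'
    # Rule quoted in the answer: forwarding from eth0's subnet out of eth1.
    echo '-A FORWARD -i eth0 -o eth1 -s 192.168.1.0/24 -j ACCEPT'
    echo 'COMMIT'
}

# eth2 may reach only the two directly attached subnets.
gen_forward_rules eth0=192.168.1.0/24 eth1=192.168.2.0/24
```

Check the printed ruleset with `iptables-restore --test` before loading it. Without `--noflush`, a restore replaces the existing contents of the filter table, so merge any INPUT and OUTPUT rules already in use.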
All times are GMT -5. The time now is 05:14 PM.