Need to force separate subnets out via different gateways on Debian 6.0.1 iptables
Hey guys,

I have a box running Debian 6 with 3 NICs:

    192.168.52.0/24 --> eth0 --> debian-|
                                        |--> eth2 --> net
    192.168.1.0/24  --> eth1 --> debian-|

The eth2 interface has 2 IP addresses, both 172.16.1.2 (gw 172.16.1.1) and 10.10.10.2 (gw 10.10.10.1):

    # The tertiary network interface - Outside interface
    allow-hotplug eth2
    iface eth2 inet static
        address 172.16.1.2
        netmask 255.255.255.252
        network 172.16.1.0
        broadcast 172.16.1.3
        gateway 172.16.1.1
        dns-nameservers 8.8.8.8

    iface eth2:0 inet static
        address 10.10.10.2
        netmask 255.255.255.252
        network 10.10.10.0
        broadcast 10.10.10.3
        gateway 10.10.10.1
        dns-nameservers 8.8.8.8

I'd like to have an iptables firewall and have the 192.168.52.0 range on the net via the 172.16.1.1 DSL router and the 192.168.1.0 range via the 10.10.10.1 ISDN router. Is this purely an iptables job or will there be some other stuff involved too? - I'm new to iptables
You are talking about routing, not firewalling.
You'll need some routing tables and routing rules. As for the routing table, something like

    ip route add table 1 192.168.52.0/24 dev eth2 proto kernel scope link src 172.16.1.2
    ip route add table 1 default via 172.16.1.1 dev eth2

And as for the routing rule, something like

    ip rule add from 172.16.1.2 lookup 1

Regards
I'll give it a shot, but then how do I firewall these two connections?
You firewall them as usual, with iptables. You only need to be sure to put the correct source or destination address in the rules to avoid them catching all connections.
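Added example, not part of any post in this thread: a dry-run script that prints a per-LAN policy-routing and firewall plan for the topology in the question, combining the routing-table approach with source-scoped iptables rules. Interface names and addresses are taken from the question; the table ids (1, 2), rule priorities, the SNAT step and the default-deny FORWARD policy are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: prints commands only, changes nothing on the system.
# Review the output, then run it as root (e.g. pipe it to sh) to apply it.

WAN_IF=eth2   # outside interface from the question (carries both uplink IPs)

# emit_uplink TABLE LAN_NET LAN_IF WAN_SRC WAN_GW
# Print the commands that send LAN_NET out through WAN_GW.
emit_uplink() {
    table=$1 lan_net=$2 lan_if=$3 wan_src=$4 wan_gw=$5
    # Per-uplink table holding only a default route via this gateway.
    echo "ip route add default via $wan_gw dev $WAN_IF table $table"
    # Forwarded LAN traffic, and the router's own traffic sourced from this
    # uplink address, consult that table instead of main.
    echo "ip rule add from $lan_net lookup $table priority $((1000 + table))"
    echo "ip rule add from $wan_src lookup $table priority $((1100 + table))"
    # Firewall: match inbound interface and source subnet so the rule
    # cannot catch the other LAN's connections.
    echo "iptables -A FORWARD -i $lan_if -o $WAN_IF -s $lan_net -j ACCEPT"
    # Assumption: the upstream router has no route back to the LAN, so
    # rewrite the source to the uplink address that matches this gateway.
    echo "iptables -t nat -A POSTROUTING -o $WAN_IF -s $lan_net -j SNAT --to-source $wan_src"
}

emit_all() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Traffic destined to either LAN stays on the main table; these rules
    # are evaluated before the per-LAN source rules.
    echo "ip rule add to 192.168.52.0/24 lookup main priority 900"
    echo "ip rule add to 192.168.1.0/24 lookup main priority 901"
    emit_uplink 1 192.168.52.0/24 eth0 172.16.1.2 172.16.1.1   # DSL router
    emit_uplink 2 192.168.1.0/24  eth1 10.10.10.2 10.10.10.1   # ISDN router
    # Let replies to accepted flows back in, then drop all other forwarding.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -P FORWARD DROP"
}

emit_all
```

After applying the plan, `ip rule show` and `ip route show table 1` (or `table 2`) confirm which table each source subnet resolves through.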