LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Several network interfaces: preventing access to one interface
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-30-2006, 08:36 AM   #1
Pinguix
LQ Newbie
 
Registered: Nov 2006
Posts: 2

Rep: Reputation: 0
Several network interfaces: preventing access to one interface

Hi there

Here's a question about what seems to be a "normal" behaviour.

I've got a linux box A with 2 network interfaces if_A1 and if_A2.
I have another PC B which is connected to the previous one: they're on the same subnet.
On B, I configure the network in order to use A as a gateway.
This means that for B, the default gateway is the IP address of if_A1.

I disable the routing fonctionality on A (ip_forward=0), and even add a netfilter policy in the FORWARD chain to DROP everything.
There is no bridge or such thing, the netmasks are OK.

So now, from B, when I try to reach the if_A2 IP address (ping, ssh or whatever), it works: A responds to B, using of course the if_A2 as a source IP address.

I would have thought that this should not work, considering this is a kind of routing behaviour.

So, first question, how is it that it works?
Second question: how can I prevent this? I mean, it is easy to prevent it using iptables, but is there a way to prevent it with a simple sysctl or /proc action?

I hope this is kind of clear...
Thanx...
 
Old 11-30-2006, 08:57 AM   #2
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
This is a repost of http://www.linuxquestions.org/questi...d.php?t=506221
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Preventing a network interface from starting at startup? extrasolar Linux - Networking 4 07-10-2006 02:28 PM
xmms network access / web interface Calcutec Linux - Software 0 12-19-2005 06:31 PM
preventing net access mufy Linux - Security 2 01-13-2005 05:09 AM
error at end of bootup, preventing access to desktop VanDraegon Linux - Newbie 2 07-01-2004 03:25 PM
Iptables Preventing Access lappen Linux - Security 3 12-21-2003 04:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:48 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration