iSeriesCodePoet
Programmer
I am close to getting my firewall working. I have one task left, blocking access from eth1 (10.1.1.1) to eth2 (10.1.2.1) and vice versa.
I am using IPTables for a firewall, and have port forwarding working between eth0 and the other 2, but I don't want the two internal NICs talking. Basically, I want to create a DMZ (but that isn't the purpose).
What I have in firewall rules now, that doesn't seem to work, is in IPtable 'filter', chain FORWARD, Drop If input interface is *eth2* and output interface is *eth1*. I have a second for the other way. Unfortunately, this does not seem to work as I can browse to a webserver running on the other network, and I can ping it as well.
Does anyone know how to help? Thanks,
iSeriesCodePoet
iSeries Programmer/Lawson Software Administrator
See my progress to converting to linux. The Programmer's Knowledge Base ->
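An added example, not part of the original post: iptables evaluates a chain top to bottom and the first rule with a terminating target decides the packet, so with DROP rules like the ones described it is worth checking which FORWARD rule actually matches eth2 to eth1 traffic first. The function name `first_verdict` and both rule lists are constructed for illustration; on a real host the input would come from `iptables -S FORWARD`.

```shell
#!/bin/sh
# Report which FORWARD rule decides traffic from IN_IF to OUT_IF.
# Input: rules in `iptables -S FORWARD` format on stdin.
# Simplification (assumption): only plain -i/-o matches are modelled; rules
# with any other match (-s, -p, -m ..., "!" negation) are skipped as conditional.
first_verdict() {   # usage: first_verdict IN_IF OUT_IF < rules
    awk -v in_if="$1" -v out_if="$2" '
    $1 == "-P" && $2 == "FORWARD" { policy = $3; next }
    $1 == "-A" && $2 == "FORWARD" {
        n++
        i = ""; o = ""; target = ""; other = 0
        for (k = 3; k <= NF; k++) {
            if ($k == "-i") i = $(++k)
            else if ($k == "-o") o = $(++k)
            else if ($k == "-j") target = $(++k)
            else other = 1
        }
        if (other) next
        if (i != "" && i != in_if) next     # rule is for another input NIC
        if (o != "" && o != out_if) next    # rule is for another output NIC
        if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
            print target " rule " n; found = 1; exit
        }
    }
    END { if (!found) print policy " policy" }'
}

# Constructed rule set: the DROP rules exist but sit below broad ACCEPT rules.
SHADOWED_RULES='-P FORWARD DROP
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -i eth2 -j ACCEPT
-A FORWARD -i eth2 -o eth1 -j DROP
-A FORWARD -i eth1 -o eth2 -j DROP'

# Constructed rule set: same rules, with the inter-LAN DROP rules first.
ORDERED_RULES='-P FORWARD DROP
-A FORWARD -i eth2 -o eth1 -j DROP
-A FORWARD -i eth1 -o eth2 -j DROP
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -i eth2 -j ACCEPT'

echo "shadowed eth2->eth1: $(printf '%s\n' "$SHADOWED_RULES" | first_verdict eth2 eth1)"
echo "ordered  eth2->eth1: $(printf '%s\n' "$ORDERED_RULES" | first_verdict eth2 eth1)"
echo "ordered  eth1->eth0: $(printf '%s\n' "$ORDERED_RULES" | first_verdict eth1 eth0)"
```

On a live system, `iptables -L FORWARD -v -n --line-numbers` shows the same ordering along with per-rule packet counters, which tell you whether a DROP rule is ever being hit.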