Ping a Specific Port

Question

Pol Hallen

Asked: 2016-07-17 02:44:02 +0800 CST2016-07-17 02:44:02 +0800 CST 2016-07-17 02:44:02 +0800 CST

How to exclude lan from routing

772

server1 - eth0 - 192.168.1.212 (192.168.1.0/24) - eth1 - 192.168.5.1 (192.168.5.0/24) --> router2 --> DSL

server2 - eth0 - 192.168.1.223 (192.168.1.0/24) - eth1 - 192.168.123.223 (192.168.123.0/24)

(DSL)router2 <--> server1 <--> server2

on server1

route add -net 192.168.123.0/24 gw 192.168.1.223 dev eth0
iptables -A FORWARD -s 192.168.123.0/24 -d 0/0 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -d 192.168.123.0/24 -j ACCEPT

So, network 192.168.123.0/24 reachable 192.168.1.0/24 and router2 too. That's ok

I'd like deny network 192.168.123.0/24 to see all hosts on 192.168.1.0/24.

1 Answers

Voted

Tero Kilkanen · Answer 1 · 2016-07-17T03:40:58+08:00

Tero Kilkanen

2016-07-17T03:40:58+08:002016-07-17T03:40:58+08:00

Instead of using iptables by itself, I recommend that you use a firewall management package like Shorewall to configure the firewall. There you can easily configure different zones in your network, and configure access between them.

However, if you want to use iptables only, you add this line after your route command:

iptables -A FORWARD -s 192.168.123.0/24 -d 192.168.1.0/24 -j REJECT

3

How to exclude lan from routing

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?