[ale] simple routing question

James Kinney jkinney at localnetsolutions.com
Mon Jul 16 17:21:37 EDT 2001


Why not use the firewall itself to simply block all outgoing connections
from the "no access" machines?

You can even "cron" it to allow access at certain times, and not others.

/usr/sbin/iptables -A FORWARD -s NO_ACCESS_IP -j DROP

and then:

/usr/sbin/iptables -D FORWARD -s NO_ACCESS_IP -j DROP


On Mon, 16 Jul 2001, Dow Hurst wrote:

> I have a Class C subnet and I want to firewall 10 IPs of that subnet off
> from the rest of the Internet.  As far as I understand, I must lose two
> IPs and subnet the subnet so that routing thru the firewall will take
> place correctly.  Is there another way?  I want inbound connections to
> be able to contact a machine inside the firewall so NAT isn't possible,
> correct?
> Is there a way to treat the firewall like a bridge instead of a router?
> Thanks,
> Dow
>
>

-- 
James P. Kinney III   \Changing the mobile computing world/
President and COO      \          one Linux user         /
Local Net Solutions,LLC \           at a time.          /
770-493-8244             \.___________________________./
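
The cron-driven toggle suggested above, as an added example that is not part of the original message. It uses the FORWARD chain and the DROP target, because traffic routed through a firewall traverses FORWARD and iptables has no DENY target. The script path, the IPT and NO_ACCESS_IPS variables and the sample addresses are assumptions, and `-C` needs iptables 1.4.11 or later.

```shell
#!/bin/sh
# Added example: idempotent block/allow toggle intended to be run from cron.
# IPT, NO_ACCESS_IPS and the script path below are assumptions.
IPT="${IPT:-/usr/sbin/iptables}"
# Constructed sample addresses (RFC 5737 documentation range).
NO_ACCESS_IPS="${NO_ACCESS_IPS:-192.0.2.10 192.0.2.11}"

valid_ip() {  # accept only dotted-quad-shaped strings before they reach iptables
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

block() {     # append the DROP rule only if it is not already present
    for ip in $NO_ACCESS_IPS; do
        valid_ip "$ip" || { echo "skipping invalid address: $ip" >&2; continue; }
        "$IPT" -C FORWARD -s "$ip" -j DROP 2>/dev/null ||
            "$IPT" -A FORWARD -s "$ip" -j DROP
    done
}

allow() {     # -D removes one copy per call, so loop until none is left
    for ip in $NO_ACCESS_IPS; do
        valid_ip "$ip" || continue
        while "$IPT" -C FORWARD -s "$ip" -j DROP 2>/dev/null; do
            "$IPT" -D FORWARD -s "$ip" -j DROP || break
        done
    done
}

# Dispatch on the first argument; with no argument nothing is changed.
case "${1:-}" in
    block) block ;;
    allow) allow ;;
esac

# Example root crontab: access allowed 08:00-18:00 on weekdays, blocked otherwise.
# 0 8  * * 1-5  /usr/local/sbin/access-window.sh allow
# 0 18 * * 1-5  /usr/local/sbin/access-window.sh block
```

Without the `-C` check, a cron job that runs `block` twice in a row leaves duplicate rules behind, and a single `-D` would then fail to reopen access.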
