
List:       netfilter
Subject:    Limiting access to parts of a Class C
From:       Brett Charbeneau <brett () wrl ! org>
Date:       2002-01-31 15:45:52

Greetings,

	Any advice or guidance you kind souls can offer would be deeply
appreciated.
	I am trying to use iptables on a NAT'd firewall that our public
access workstations are on. I'm not as interested in protecting the
workstation as I am the OTHER hosts on my network from the public
workstations.
	The server has two NICs, one with a routable IP and the other
with a non-routable on the same network as all the public clients who
will pick up their non-routable IPs via DHCP.
	Okay, check it out:

	The goal here is to allow the public clients access to our card
catalog via telnet and our web server via port 80 - but NO OTHER address
on our network. All other traffic needs to go out through our gateway and
out on to the Internet where it becomes someone else's problem.
	The Class C that the card catalog and web server are on is the
same Class C that the firewall server's routable IP address sits on.

	Am I barking up the wrong tree with iptables?

Brett Charbeneau, Network Administrator         Tel: 757-259-7750
Williamsburg Regional Library                   FAX: 757-259-7798
7770 Croaker Road                               brett@wrl.org
Williamsburg, VA 23188-7064                     http://www.wrl.org
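
One way to express the policy described in this message, as an added example that is not part of the original post: an iptables-restore ruleset that permits only telnet to the card catalog and port 80 to the web server, drops everything else bound for the Class C, and NATs the rest out to the Internet. The interface names and every address below are constructed placeholders, not values from the post.

```shell
#!/bin/sh
# Constructed values: replace with the real interface names and addresses.
LAN_IF="eth1"                # NIC facing the public workstations (assumed name)
WAN_IF="eth0"                # NIC holding the routable address (assumed name)
CLIENT_NET="192.168.1.0/24"  # DHCP range of the public clients (placeholder)
PUB_NET="192.0.2.0/24"       # the routable Class C (documentation range)
CATALOG="192.0.2.10"         # card catalog host (placeholder)
WEBSRV="192.0.2.20"          # web server (placeholder)

# Print an iptables-restore ruleset. Rule order is the policy: the two
# permitted services are matched before the blanket DROP for the Class C,
# and only after that is the remaining traffic allowed out to the Internet.
# The Class C and the Internet are reached through the same interface, so
# the protected hosts are selected by destination address, not by interface.
# The INPUT rule covers the firewall's own routable address, which also
# lies inside the Class C; other INPUT filtering is left out of this sketch.
gen_ruleset() {
cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i $LAN_IF -d $PUB_NET -j DROP
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -s $CLIENT_NET -d $CATALOG -p tcp --dport 23 -j ACCEPT
-A FORWARD -i $LAN_IF -s $CLIENT_NET -d $WEBSRV -p tcp --dport 80 -j ACCEPT
-A FORWARD -i $LAN_IF -d $PUB_NET -j DROP
-A FORWARD -i $LAN_IF -o $WAN_IF -s $CLIENT_NET -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $WAN_IF -s $CLIENT_NET -j MASQUERADE
COMMIT
EOF
}

# Running the script only prints the ruleset for review.
# To check and then load it as root:
#   sh this-script.sh | iptables-restore --test
#   sh this-script.sh | iptables-restore
gen_ruleset
```

Loading the output with iptables-restore replaces the existing filter and nat rules, so merge it with any rules already in place before applying it.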

