Folks
I'm struggling with my firewall settings, and would appreciate some help.
I have a gateway machine (currently Centos 7 with IPV4 only) with two
NICs. One is connected to the internet, the other to an internal
network (10.0.0.0/24) of mixed hardware (windows7, android tablets,
android phones, linux boxes) using NAT. I wish to block all outgoing
connects to any external IP address on port 22 (ssh) originating from
any internal machine except one (which has a known internal IP address).
I've tried some commands using 'iptables' to accomplish this, but so
far have failed. If anyone has a suggestion, I'd really appreciate
it. In addition, a suitable version for 'firewalld' could be useful,
as an upgrade to Centos 8 is in plan.
Examples of what I've tried, and then tested. None of them stopped
an outgoing SSH from an internal system.
iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
Much thanks
David
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos