Hello, On Thu, 25 Jul 2002, Justin Booth wrote: > Actually I need to have the ip traffic for the 192.168.2.0/24 network, I > just don't want the 192.162.2.0/24 network to be able to find the > 192.168.3.0/24 network. Consider the 192.168.2.0 network to be a network I think, we will not stop the traffic to 192.168.2.0/24 > where most of my company sits, on the 192.168.3.0 network is our sensitive > accounting network..... I need to be able to talk to both sides, and not > have the 192.168.2.0/24 network be able to discover the 192.168.3.0/24 > network. You will talk always with IP from the proper subnet. > > # subnet 192.168.3.0/24 does not like 192.168.2.0/24: > > ip rule add prio 100 from 192.168.3.0/24 to 192.168.2.0/24 blackhole > > > > # make the above to happen > > echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter > > echo 1 > /proc/sys/net/ipv4/conf/eth0/rp_filter > > I tried this anyway and got the response of : > RTNETLINK answers: Invalid argument Time to compile new kernel, may be you need: CONFIG_IP_ADVANCED_ROUTER (IP: advanced router) CONFIG_IP_MULTIPLE_TABLES (IP: policy routing) > Justin Booth Regards -- Julian Anastasov <ja@ssi.bg> - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
