Re: Conntrack not recording packets going through a firewall

David J Craigon wrote:
Hello,

I'm trying to build a firewall using Linux, iptables and conntrack. My
setup is pretty simple: I've got a computer with three interfaces,
one pointing to the internet, and two networks for different
"customers".


Internet--------Firewall------Customer 1
                           |
                           ----------Customer 5



Customer 1 has 10.72.2.0/24. Customer 5 has 10.72.3.0/24. Both
customers have a server 10.72.2/3.3 running httpd on port 80.

Now, both Customer servers can get to the internet, and the internet
can get to them, but Customer 1's server can't get to Customer 5's
server.

Hi David,

Perhaps you need "routes" established for those subnets.

ip route add 10.72.2.0/24 dev ethX   #customer1's nic
ip route add 10.72.3.0/24 dev ethY   #customer5's nic

hth,
:m)