Red Hat system being used as a router/firewall. We are planning on putting
up a second router out to the Internet at large, and I'm wondering if I need
to make special considerations to prevent unwanted routing THROUGH this site:
+--------+ |Internet| +--------+ / \ / \ RTR1 RTR2 | | | | <---+--------------+---> (local LAN)
I assume it's possible for a site out on the Internet, trying to reach another
site out on the internet (neither being on the local LAN) to manage to find
a route THROUGH this local net.
I want to prevent this. Would the best way to do this be to use iptables to
disallow ALL packets between RTR1 and RTR2? Is there a better way to do this?
What would be any additional ramifications of doing the iptables DROP setup above?
tnx, KR
Ken Rossman rossman@xxxxxxxxxxxx
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
