Firewall rules idea?


This topic contains 0 replies, has 0 voices, and was last updated by  glesov 11 years, 6 months ago.

  • #40896

    glesov
    Member

    Hello
    I have a few (12) LAN networks, 172.16.X.0/24 (X = 1 to 12), and a WAN – 192.168.2.0/24 (behind a hardware router).
    The 172.16.X.1 addresses are on the same NIC adapter. I want to disable routing between them. But I want to use an “address group” in the ruleset, something like “ALL_IP_Nets”, where ALL_IP_Nets includes these 12 networks – 172.16.1.0, 172.16.2.0, …
    i.e. SRC: All_IP_Nets, DST: All_IP_Nets, Service: ANY, DROP (or REJECT)

    #46133

    glesov
    Member

    Hi Bobb
    Thank you for the reply.
    BUT …
    It's my fault 🙁
    The 172.16.0.0/16 includes the 172.16.0.0/24 network, which is unacceptable in my situation (maybe I must not use this network, but at the moment there are application servers in this network).

    What I need (if someone is familiar with Winroute):
    Address Definitions:
    Net1 – 172.16.1.0/24
    Net2 – 172.16.2.0/24
    ……
    Net12 – 172.16.12.0/24

    All_IP_Nets
    +Net1
    +Net2
    …..
    +Net12

    And the rule is like:
    src         | dst         | Service | Action
    All_IP_Nets | All_IP_Nets | Any     | DROP/REJECT

    In the iptables documentation there is an option to use address groups, or aliases, or ... for source and destination, but what is the syntax? I cannot find such examples anywhere.

    Thanks to all
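
The address group described in the posts above can be built with ipset, a separate tool whose sets iptables references through its `set` match. This is an added example, not part of the original thread: it assumes ipset is installed and that REJECT is the chosen action, and the function names `lan_nets`, `gen_rules` and `main` are hypothetical.

```shell
#!/bin/sh
# Added example: block routing between the LAN subnets with one ipset-backed rule.
# Assumptions (not from the thread): ipset and the iptables "set" match are
# available, and REJECT is used rather than DROP.

SET_NAME="ALL_IP_Nets"   # group name taken from the post

# Print the 12 member networks, 172.16.1.0/24 through 172.16.12.0/24.
# 172.16.0.0/24 (the application servers) is deliberately left out,
# which is why a single 172.16.0.0/16 match does not fit here.
lan_nets() {
    i=1
    while [ "$i" -le 12 ]; do
        echo "172.16.$i.0/24"
        i=$((i + 1))
    done
}

# Emit the commands that build the group and the single isolation rule.
gen_rules() {
    # hash:net sets store CIDR networks; -exist makes re-runs harmless.
    echo "ipset -exist create $SET_NAME hash:net"
    for net in $(lan_nets); do
        echo "ipset -exist add $SET_NAME $net"
    done
    # Routed traffic crosses FORWARD. The rule matches only when the source
    # AND the destination are both members of the group, so traffic to the
    # WAN or to 172.16.0.0/24 is not affected by it.
    echo "iptables -I FORWARD -m set --match-set $SET_NAME src -m set --match-set $SET_NAME dst -j REJECT"
}

# Dry run by default: print the commands for review.
# Run with the argument "apply" as root to execute them.
main() {
    if [ "${1:-}" = "apply" ]; then
        gen_rules | sh -e
    else
        gen_rules
    fi
}

main "$@"
```

Hosts inside one /24 reach each other directly on the segment without passing the router, so this rule only governs traffic routed between different member networks.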
