I'll try that on-list this time......
An iptables rule in the FORWARD chain to DROP all packets to/from that network? Using the FORWARD chain should allow access from the server's IP address, but not allowing any forwarded traffic. Regards, Leigh Leigh Sharpe Network Systems Engineer Pacific Wireless Ph +61 3 9584 8966 Mob 0408 009 502 email [EMAIL PROTECTED] web www.pacificwireless.com.au -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 06, 2006 5:08 AM To: lartc@mailman.ds9a.nl Subject: [LARTC] Routing question I've always had to either have routing on, or off on a system. For the first time this week I have a system on the internet but with one connection to a private network to manage a piece of network gear. The situation is where I have a server on a 802.1q trunk with 4 VLAN interfaces on the internet and needs standard routing across the interfaces, eth0.3, eth0.7, eth0.10, and eth0.11 all with public address space and has standard routing. I just turned up eth0.2 on a private network (192.168.x.x) that I need to prevent any traffic from the public interfaces from reaching. After dipping into the iprouting documentation, it's only confused me more. I assume this is accomplished with a rule but sofar I have only been able to completely shut off access to the private network entirely including the server's access to that subnet. Could someone point me to an example of how this can be done? Thank you! John Fulton Anchorage, AK _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc