Saturday, 25 May 2013

Iptables drop forward packets to specific host

I am having trouble isolating a specific host from others on my LAN.
What I am trying to do is only allow communication between 192.168.0.2 and 192.168.0.8, as well as not allow any other host to access 192.168.0.8.
iptables -A FORWARD -s 192.168.0.2 -d 192.168.0.8 -j ACCEPT
iptables -A FORWARD -s 192.168.0.8 -d 192.168.0.2 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -d 192.168.0.8 -j DROP
iptables -A FORWARD -s 192.168.0.8 -d 192.168.0.0/24 -j DROP
Default policy for forwarding is drop.
I have a machine with ip 192.168.0.4 that still can access 192.168.0.8 even after rebooting all machines. What am I doing wrong?
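As an added example (not part of the original post, and not the poster's own code), the script below parses the four rules from the post and evaluates the FORWARD chain the way netfilter does: first matching rule wins, and the chain policy (DROP here) applies when nothing matches. It shows that the ruleset itself classifies a packet from 192.168.0.4 to 192.168.0.8 as DROP, so any packet that actually traverses FORWARD is blocked. The catch is that FORWARD only sees packets the Linux box routes between interfaces; two hosts on the same /24 segment reach each other through the switch at layer 2 and never hit the router's FORWARD chain. A quick way to confirm that on the box is `iptables -L FORWARD -v -n`, whose packet and byte counters stay at zero for rules that no traffic ever reaches. The `parse_rules` and `evaluate` helpers are this example's own simplifications: they handle only `-s`, `-d` and `-j`, and ignore conntrack state, which the posted rules do not use either.

```python
import ipaddress
import shlex

# Constructed copy of the four rules from the post (verbatim, not new rules).
RULES_TEXT = """
iptables -A FORWARD -s 192.168.0.2 -d 192.168.0.8 -j ACCEPT
iptables -A FORWARD -s 192.168.0.8 -d 192.168.0.2 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -d 192.168.0.8 -j DROP
iptables -A FORWARD -s 192.168.0.8 -d 192.168.0.0/24 -j DROP
"""


def parse_rules(text):
    """Parse 'iptables -A CHAIN -s SRC -d DST -j TARGET' lines into dicts.

    Hypothetical helper for this example: only -s, -d and -j are understood.
    A bare address like 192.168.0.2 becomes a /32 network.
    """
    rules = []
    for line in text.strip().splitlines():
        args = shlex.split(line)
        if len(args) < 3 or args[0] != "iptables" or args[1] != "-A":
            raise ValueError(f"unsupported rule: {line}")
        rule = {"chain": args[2], "src": None, "dst": None, "target": None}
        i = 3
        while i < len(args):
            flag, val = args[i], args[i + 1]
            if flag == "-s":
                rule["src"] = ipaddress.ip_network(val, strict=False)
            elif flag == "-d":
                rule["dst"] = ipaddress.ip_network(val, strict=False)
            elif flag == "-j":
                rule["target"] = val
            else:
                raise ValueError(f"unsupported option {flag} in: {line}")
            i += 2
        rules.append(rule)
    return rules


def evaluate(rules, chain, src, dst, policy="DROP"):
    """First-match evaluation of one chain.

    Returns (verdict, n) where n is the 1-based index of the matching rule,
    or 0 when no rule matched and the chain policy decided.
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for n, r in enumerate(rules, start=1):
        if r["chain"] != chain:
            continue
        if r["src"] is not None and s not in r["src"]:
            continue
        if r["dst"] is not None and d not in r["dst"]:
            continue
        return r["target"], n
    return policy, 0


def forward_verdict(src, dst):
    """Verdict the posted FORWARD chain gives a routed packet src -> dst."""
    return evaluate(parse_rules(RULES_TEXT), "FORWARD", src, dst)


if __name__ == "__main__":
    # Constructed sample flows, including the 192.168.0.4 host from the post.
    flows = [
        ("192.168.0.2", "192.168.0.8"),
        ("192.168.0.8", "192.168.0.2"),
        ("192.168.0.4", "192.168.0.8"),
        ("192.168.0.8", "192.168.0.4"),
        ("192.168.0.4", "192.168.0.5"),
    ]
    for src, dst in flows:
        verdict, n = forward_verdict(src, dst)
        print(f"{src} -> {dst}: {verdict} (matched {'rule %d' % n if n else 'policy'})")
```

Because the simulated verdict for 192.168.0.4 to 192.168.0.8 is DROP, the rules are not the problem; the host reaching 192.168.0.8 is doing so over a path the FORWARD chain never sees. Isolating a host on the same broadcast domain has to be done where that traffic actually flows, for example with a host-based INPUT rule on 192.168.0.8 or by putting the hosts on separate segments or VLANs that the router stands between.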
