Blocking connections between two local IP's with IPTables

Toggle sidebar Toggle sidebar
W

wotot2

Honorable
Dec 26, 2013
16
0
10,510
I have three VM's set up on a local network, one acting as a firewall, one acting as a webserver, and one acting as a fileserver. I am trying to setup IPTables such that the webserver would not be able to talk to the fileserver at all.

Is there a command that will do this? I only want to drop connections between the two IPs (they need to be on the same network) of the servers, but still allow the servers to communicate independently to the firewall.
 
Solution
B
If you were running actual machines you could run the firewall in transparent mode.....ie layer 2.. The firewall would then act as a switch that could filter traffic.

When you run VM I am not real sure how you would simulate that especially since you want them on the same subnet. The reason it works with physical equipment is even thought the traffic runs what appears to be directly between the 2 device the cables force it to go thought the firewall.

When you run VM and you bridge them the bridge is acting as the switch. I am no expert in the VM but you need to find a way to force the traffic to be controlled by the firewall.

Even some fairly basic managed switches have the ability to filter traffic between ports but again this...
Sort by date Sort by votes
B

bill001g

Titan
Aug 9, 2012
28,319
2,754
125,640
If you were running actual machines you could run the firewall in transparent mode.....ie layer 2.. The firewall would then act as a switch that could filter traffic.

When you run VM I am not real sure how you would simulate that especially since you want them on the same subnet. The reason it works with physical equipment is even thought the traffic runs what appears to be directly between the 2 device the cables force it to go thought the firewall.

When you run VM and you bridge them the bridge is acting as the switch. I am no expert in the VM but you need to find a way to force the traffic to be controlled by the firewall.

Even some fairly basic managed switches have the ability to filter traffic between ports but again this is actual hardware.
 
Upvote 0 Downvote
Solution
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom