[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Unwanted routing between subnets
> -----Original Message-----
> From: Holger Schletz [mailto:h.schletz@xxxxxxxxx]
> Sent: Wednesday, September 10, 2003 11:04 AM
> Thanks, that helped.
> I tried this before, but only on the INPUT chain. Too busy to
> see the obvious
> However, adding a ruleset for the INPUT chain is still
> necessary to protect
> the interfaces on the router itself, as these are not handled
> by the FORWARD
since the INPUT chain is only responsible for packets
destinated to local services on your Router there should
be no packet that matches
> iptables -A INPUT -i eth0 -s 192.168.0.0/16 -d 172.16.0.0/16 -j DROP
> iptables -A INPUT -i eth0 -s 172.16.0.0/16 -d 192.168.0.0/16 -j DROP
if I really unterstood you right and you wanted to block
the packets like that.
this behaviour changed between ipchains and iptables.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here