Using iptables to block internal ip address

o2brew
DD-WRT Novice


Joined: 17 Aug 2007
Posts: 1

Posted: Sat Aug 18, 2007 22:30    Post subject: Using iptables to block internal ip address
Having a little trouble getting iptables to block access to an internal ip address. From what I understand the following should work.

iptables -I FORWARD -s 192.168.1.100 -d 192.168.1.101 -j DROP

I can see the rule at the top of the chain using --list, but it doesn't seem to be working. It does work for external addresses. For example

iptables -I FORWARD -s 192.168.1.100 -d 64.233.167.99 -j DROP

After inserting this I can't access that ip from the .100 machine but I can from .101.

Any advice on how I can get this working?
GeeTek
DD-WRT Guru


Joined: 06 Jun 2006
Posts: 3740
Location: I'm the one on the plate.

Posted: Sun Aug 19, 2007 0:58
IP tables does not do anything to the LAN traffic passing through the 4 port switch. Actually the 4 port switch is a 4 port switch that the router does not control at all. If you want to control connectivity between the ports of the 4 port switch, you need to read up on how to use virtual lans. With some programming, Vlans will get you where you are trying to go.
_________________
http://69.175.13.131:8015 Streaming Week-End Disco. Station Ripper V 1.1 will do.
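
Added example, not part of either post: a shell check of why the first rule in the question can never match while the second does. Two hosts in the same subnet deliver to each other directly at layer 2, so the packet is never routed and never enters the router's FORWARD chain. The 255.255.255.0 netmask and the function names are assumptions; the thread does not state the LAN netmask.

```shell
#!/bin/sh
# Decide whether traffic between two IPv4 hosts is routed (and so passes
# the router's FORWARD chain) or is delivered on-link by the switch.
# LAN_MASK is an assumption: the thread never states the netmask.
LAN_MASK="255.255.255.0"

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS
    IFS=.
    set -- $1            # split the address into its four octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Print "on-link" when src and dst share a subnet under mask, else "routed".
path_for() {
    src=$(ip_to_int "$1") || return 1
    dst=$(ip_to_int "$2") || return 1
    mask=$(ip_to_int "$3") || return 1
    if [ $(( src & mask )) -eq $(( dst & mask )) ]; then
        echo "on-link"
    else
        echo "routed"
    fi
}

# Succeeds only when a FORWARD rule for this src/dst pair can ever match.
forward_rule_effective() {
    [ "$(path_for "$1" "$2" "$LAN_MASK")" = "routed" ]
}

# The two source/destination pairs from the rules in the question.
for dst in 192.168.1.101 64.233.167.99; do
    if forward_rule_effective 192.168.1.100 "$dst"; then
        echo "192.168.1.100 -> $dst: routed, a FORWARD rule can match"
    else
        echo "192.168.1.100 -> $dst: stays on the LAN, FORWARD never sees it"
    fi
done
```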