Hypothetical Networking Question - iptables configurations

Posted by OneAboveAll on Thu Apr 17, 2014 7:26
Hi all,

I hope your day is going well.

I have a question regarding my network:

1. My network consists of:
a) 1 Asus 4-port broadband router (also DHCP server), which also acts as gateway
b) 1 8-port network switch, which is connected to 1 of the 4 Asus router ports
c) 3 Windows 8 PCs connected to the switch's ports. PC-A, PC-B and PC-C are connected to the 8-port switch.

IP of PC-A - 192.168.0.20
IP of PC-B - 192.168.0.21
IP of PC-C - 192.168.0.23

IP of router - 192.168.0.1

2. Questions:
a) I want PC-A to only be able to talk to PC-B, the router and the internet. If I issue the iptables command on the router so that PC-A can only see PC-B (it cannot communicate with any other entity on the network; it can only communicate with PC-B, the router and the internet), will it work?

I ask because PC-A is connected to an 8-port switch, which in turn connects to the router, and the other 2 PCs are also connected to this same switch. Will the switch allow PC-A to see and communicate with the other 2 PCs on the switch even with the iptables configuration on the Asus router?

b) How about if I connect PC-A to 1 of the router's 4 ports and then connect the other 2 PCs to the switch? Will PC-A be able to see the other 2 PCs on the switch?

c) What iptables command do I have to issue on the Asus router so that PC-A cannot talk to any PC or entity on the network? PC-A can only talk to PC-B and also communicate with the internet.

d) If PC-A has a virus, does this mean that, because of the iptables configuration, it won't be able to infect any other entity on the network? It can possibly only infect PC-B and nothing else. Is this the case?

e) So what iptables command do I have to issue on the Asus router so that PC-A cannot talk to any PC or entity on the network? PC-A can only talk to PC-B and also communicate with the internet.

f) Now fast forward a little bit: what if I do not want PC-A to communicate with the internet? PC-A can only communicate with PC-B. It cannot talk to PC-C or any other entity on the network. It cannot talk to the router. It cannot talk to the internet.

g) Now what iptables command do I have to issue on the router to form the above network configuration/rule?

If PC-A has a virus, it can possibly infect PC-B. But will it be able to infect PC-C or any other entity on the network, including the router, even with the iptables config/rule on the router?

Thank You !!!
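
Added example, not part of the original post: a small Python model of the topology described above that reports which of PC-A's flows ever reach the router's iptables chains, and therefore which parts of the policies in 2(a) and 2(f) the router can enforce. It assumes a /24 netmask and that the router's LAN ports and the 8-port switch form one layer-2 segment; the internet address is a constructed sample.

```python
import ipaddress

# Addresses are from the post; the /24 mask is an assumption (the post gives none).
LAN = ipaddress.ip_network("192.168.0.0/24")
HOSTS = {
    "PC-A": ipaddress.ip_address("192.168.0.20"),
    "PC-B": ipaddress.ip_address("192.168.0.21"),
    "PC-C": ipaddress.ip_address("192.168.0.23"),
    "router": ipaddress.ip_address("192.168.0.1"),
}
INTERNET_HOST = "203.0.113.10"  # constructed sample (documentation range)

def router_chain(src, dst):
    """Built-in iptables filter chain on the router that a src -> dst packet
    crosses, or None if the frame is switched and never reaches the router."""
    src_ip = HOSTS[src]
    dst_ip = HOSTS[dst] if dst in HOSTS else ipaddress.ip_address(dst)
    if src_ip not in LAN:
        raise ValueError("model only covers LAN sources")
    if dst_ip == HOSTS["router"]:
        return "INPUT"      # addressed to the router itself
    if dst_ip in LAN:
        return None         # sender ARPs for the peer; the switch delivers it
    return "FORWARD"        # off-subnet: sent to the gateway and routed

def unenforceable_denies(src, policy):
    """Destinations the policy wants blocked but that router rules never see."""
    return [dst for dst, action in policy.items()
            if action == "deny" and router_chain(src, dst) is None]

# Question 2(a): PC-A may reach PC-B, the router and the internet only.
POLICY_A = {"PC-B": "allow", "PC-C": "deny", "router": "allow", INTERNET_HOST: "allow"}
# Question 2(f): PC-A may reach PC-B only.
POLICY_F = {"PC-B": "allow", "PC-C": "deny", "router": "deny", INTERNET_HOST: "deny"}

if __name__ == "__main__":
    for name, policy in (("2(a)", POLICY_A), ("2(f)", POLICY_F)):
        for dst, action in policy.items():
            chain = router_chain("PC-A", dst)
            where = f"router {chain} chain" if chain else "not on the router (switched)"
            print(f"{name}: PC-A -> {dst}: want {action}; filterable at: {where}")
        print(f"{name}: denies needing host or switch controls:",
              unenforceable_denies("PC-A", policy))
```

In both policies the PC-A to PC-C deny is the one the router never sees, so that part has to be handled on the hosts themselves (for example with their own firewalls) or by separating PC-A at layer 2.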
