On Sat, 20 Oct 2007 14:23:12 +0300
"Vaidas M" <[EMAIL PROTECTED]> wrote:
> Hello to everyone,
>
> Here is the situation:
>
> [LAN1]---[eth3]/----------\
>                | LinuxBR  |[eth2]---[LAN0]---[linuxGW]---[internet]
> [LAN2]---[eth4]\----------/
>
> The whole LAN is in subnet 10.0.0.0/24.
>
> So I need:
>
> LAN0, LAN1, LAN2 should not be able to see each other.
>
> LAN0, LAN1, LAN2 are in the same subnet (10.0.0.0/24).
>
> All LANs have to get only internet.
>
> How can I configure LinuxBR to do so?
>
> Do I have to do only a bridge? Or only VLAN? Or both?
>
On LinuxBR:
iptables -A FORWARD -s 10.0.0.0/24 -d linuxGW_IP/32 -j ACCEPT
iptables -A FORWARD -s 10.0.0.0/24 -d 10.0.0.0/24 -j DROP
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -d linuxGW_IP/32 -j MASQUERADE
On linuxGW:
iptables -t nat -A POSTROUTING -s LinuxBR_IP/32 -j MASQUERADE
--
With best regards, Pan'ko Alexander.
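
Added example (not part of the original message): a stateless, address-only model of the two FORWARD rules above, showing which flows each rule decides and which fall through to the chain policy. It assumes 10.0.0.1 for the linuxGW_IP placeholder and uses constructed host addresses; it ignores NAT, connection tracking and whether bridged frames are passed to iptables at all.

```python
import ipaddress

# Assumption: the message leaves linuxGW_IP as a placeholder; 10.0.0.1 is a
# constructed value used only in this model.
LINUXGW_IP = "10.0.0.1"

# The FORWARD rules on LinuxBR, in the order they are appended in the reply.
FORWARD_RULES = [
    ("10.0.0.0/24", LINUXGW_IP + "/32", "ACCEPT"),
    ("10.0.0.0/24", "10.0.0.0/24", "DROP"),
]

def verdict(src, dst, rules=FORWARD_RULES, policy="ACCEPT"):
    """Target of the first rule matching (src, dst); the chain policy if none match."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule_src, rule_dst, target in rules:
        if s in ipaddress.ip_network(rule_src) and d in ipaddress.ip_network(rule_dst):
            return target
    return policy

# Constructed sample flows (all host addresses are made up for the example).
SAMPLE_FLOWS = [
    ("LAN1 host -> LAN2 host", "10.0.0.21", "10.0.0.42"),
    ("LAN1 host -> linuxGW", "10.0.0.21", LINUXGW_IP),
    ("LAN1 host -> internet host", "10.0.0.21", "192.0.2.80"),
    ("internet host -> LAN1 host", "192.0.2.80", "10.0.0.21"),
    ("linuxGW -> LAN1 host", LINUXGW_IP, "10.0.0.21"),
]

def evaluate(rules=FORWARD_RULES, policy="ACCEPT"):
    """Map each sample flow name to its verdict under the given rules and policy."""
    return {name: verdict(src, dst, rules, policy) for name, src, dst in SAMPLE_FLOWS}

if __name__ == "__main__":
    for name, result in evaluate().items():
        print(f"{name:28} {result}")
    # With the two rules swapped, the DROP rule matches first and the
    # gateway exception is never reached.
    swapped = list(reversed(FORWARD_RULES))
    print("swapped order, LAN1 -> linuxGW:", verdict("10.0.0.21", LINUXGW_IP, swapped))
```

Flows whose source or destination lies outside 10.0.0.0/24 match neither rule, so in this model their fate depends on the FORWARD chain policy.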