Solved

Redhat9 router...

Posted on 2004-03-28
12
347 Views
Last Modified: 2010-03-18
I have succesfully setup a linux router by using 2 NIC and share the internet between them...all my pc client are gateway to my 2nd NIC where the 1st NIC is directly to Internet Connection..

2nd NIC
: ip - 192.168.168.1
  netmask - 255.255.255.0

ip client will be - 192.168.168.X
netmask - 255.255.255.0
gateway - 192.168.168.1

the first question is how to block the internet connection from my linux to the specific client in my network such as his ip is 192.168.168.10

the second question is how to block mirc port, my client always wasting time to chit chat while working...so I want to block the mirc port which will blocked the connection to mirc server...all this i want to do from linux..

thanks

0
Comment
Question by:learner79
  • 7
  • 5
12 Comments
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702048
Just block the port that mirc is using in the firewall its usaly port 6667 or 6666 i think but its possible to work this around anyway, so if you have good employees they will find a way to chat anyway :)

The dont alow internet have the same solution use a firewall to block the specific ip to connect trough the server what system are you using and what is your config for the internet sharing ?

/Rob
0
 

Author Comment

by:learner79
ID: 10702129
my server is using Redhat9 and other client are XP...my server using 3 NIC where 1st NIC is connected to modem, 2nd NIC connected to Office LAN and 3rd NIC is connected to Access Point. I'm using IPTABLES

how to block temporary the internet connection to spesific client in my network from spesific command from Redhat? such as "shutdown clientIP" is that possible?
0
 

Author Comment

by:learner79
ID: 10702135
or what is the command line in redhat9 to disable the eth1(office lan) in X Window?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 8

Accepted Solution

by:
da99rmd earned 100 total points
ID: 10702213
Just write as root:
#for not beeing allowed on the net.
iptables -A FORWARD -s (ip of the host not allowed on the net) -j DROP
#For not beeing allowed to use the irc.
iptables -A FORWARD -i (name of inside nic) -p tcp --dport 6666 -j DROP
iptables -A FORWARD -i (name of inside nic) -p tcp --dport 6667 -j DROP

now test this so it does what you wanted then use this command to make it permanet(still working after a restart).
/etc/init.d/iptables save

/Rob
0
 

Author Comment

by:learner79
ID: 10702222
i will try...thanks rob
0
 

Author Comment

by:learner79
ID: 10702253

i try this "iptables -A FORWARD -s (ip of the host not allowed on the net) -j DROP" it's works...but how to make it back to normall again?
0
 

Author Comment

by:learner79
ID: 10702378
any help?
0
 

Author Comment

by:learner79
ID: 10702484
rob?
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702511
iptables -D FORWARD -s (ip of the host not allowed on the net) -j DROP
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702512
This will delete the rule
/Rob
0
 

Author Comment

by:learner79
ID: 10702527
Thank you so much...
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702579
im happy to help
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
OpenWrt 1 43
Linux : can't create transaction lock error 1 67
best simple nfs export and fstab commands for basic sharing? 3 76
iptables ubuntu BLOCK all 2 84
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question