Solved

Redhat9 router...

Posted on 2004-03-28
12
356 Views
Last Modified: 2010-03-18
I have succesfully setup a linux router by using 2 NIC and share the internet between them...all my pc client are gateway to my 2nd NIC where the 1st NIC is directly to Internet Connection..

2nd NIC
: ip - 192.168.168.1
  netmask - 255.255.255.0

ip client will be - 192.168.168.X
netmask - 255.255.255.0
gateway - 192.168.168.1

the first question is how to block the internet connection from my linux to the specific client in my network such as his ip is 192.168.168.10

the second question is how to block mirc port, my client always wasting time to chit chat while working...so I want to block the mirc port which will blocked the connection to mirc server...all this i want to do from linux..

thanks

0
Comment
Question by:learner79
  • 7
  • 5
12 Comments
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702048
Just block the port that mirc is using in the firewall its usaly port 6667 or 6666 i think but its possible to work this around anyway, so if you have good employees they will find a way to chat anyway :)

The dont alow internet have the same solution use a firewall to block the specific ip to connect trough the server what system are you using and what is your config for the internet sharing ?

/Rob
0
 

Author Comment

by:learner79
ID: 10702129
my server is using Redhat9 and other client are XP...my server using 3 NIC where 1st NIC is connected to modem, 2nd NIC connected to Office LAN and 3rd NIC is connected to Access Point. I'm using IPTABLES

how to block temporary the internet connection to spesific client in my network from spesific command from Redhat? such as "shutdown clientIP" is that possible?
0
 

Author Comment

by:learner79
ID: 10702135
or what is the command line in redhat9 to disable the eth1(office lan) in X Window?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 8

Accepted Solution

by:
da99rmd earned 100 total points
ID: 10702213
Just write as root:
#for not beeing allowed on the net.
iptables -A FORWARD -s (ip of the host not allowed on the net) -j DROP
#For not beeing allowed to use the irc.
iptables -A FORWARD -i (name of inside nic) -p tcp --dport 6666 -j DROP
iptables -A FORWARD -i (name of inside nic) -p tcp --dport 6667 -j DROP

now test this so it does what you wanted then use this command to make it permanet(still working after a restart).
/etc/init.d/iptables save

/Rob
0
 

Author Comment

by:learner79
ID: 10702222
i will try...thanks rob
0
 

Author Comment

by:learner79
ID: 10702253

i try this "iptables -A FORWARD -s (ip of the host not allowed on the net) -j DROP" it's works...but how to make it back to normall again?
0
 

Author Comment

by:learner79
ID: 10702378
any help?
0
 

Author Comment

by:learner79
ID: 10702484
rob?
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702511
iptables -D FORWARD -s (ip of the host not allowed on the net) -j DROP
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702512
This will delete the rule
/Rob
0
 

Author Comment

by:learner79
ID: 10702527
Thank you so much...
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702579
im happy to help
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question