
Redhat9 router...

Posted on 2004-03-28
Last Modified: 2010-03-18
I have successfully set up a Linux router using 2 NICs and share the internet between them... all my PC clients use my 2nd NIC as their gateway, while the 1st NIC goes directly to the Internet connection..

2nd NIC:
  ip - 192.168.168.1
  netmask - 255.255.255.0

ip client will be - 192.168.168.X
netmask - 255.255.255.0
gateway - 192.168.168.1

The first question is how to block the internet connection from my Linux box to a specific client in my network, such as one whose IP is 192.168.168.10.

The second question is how to block the mIRC port. My clients are always wasting time chit-chatting while working... so I want to block the mIRC port, which will block the connection to the mIRC server... all this I want to do from Linux..

thanks

Question by:learner79
LVL 8

Expert Comment

by:da99rmd
ID: 10702048
Just block the port that mIRC is using in the firewall; it's usually port 6667 or 6666, I think, but it's possible to work around this anyway, so if you have good employees they will find a way to chat anyway :)

The "don't allow internet" question has the same solution: use a firewall to block the specific IP from connecting through the server. What system are you using, and what is your config for the internet sharing?

/Rob
0
 

Author Comment

by:learner79
ID: 10702129
My server is using Redhat9 and the other clients are XP... my server uses 3 NICs, where the 1st NIC is connected to the modem, the 2nd NIC is connected to the office LAN and the 3rd NIC is connected to the access point. I'm using IPTABLES.

How to temporarily block the internet connection to a specific client in my network with a specific command from Redhat? Such as "shutdown clientIP", is that possible?
0
 

Author Comment

by:learner79
ID: 10702135
or what is the command line in redhat9 to disable the eth1(office lan) in X Window?
0
LVL 8

Accepted Solution

by:
da99rmd earned 400 total points
ID: 10702213
Just write as root:
# For not being allowed on the net.
iptables -A FORWARD -s (ip of the host not allowed on the net) -j DROP
# For not being allowed to use the IRC.
iptables -A FORWARD -i (name of inside nic) -p tcp --dport 6666 -j DROP
iptables -A FORWARD -i (name of inside nic) -p tcp --dport 6667 -j DROP

Now test this so it does what you wanted, then use this command to make it permanent (still working after a restart).
/etc/init.d/iptables save

/Rob
0
 

Author Comment

by:learner79
ID: 10702222
i will try...thanks rob
0
 

Author Comment

by:learner79
ID: 10702253

I tried this "iptables -A FORWARD -s (ip of the host not allowed on the net) -j DROP" and it works... but how to make it back to normal again?
0
 

Author Comment

by:learner79
ID: 10702378
any help?
0
 

Author Comment

by:learner79
ID: 10702484
rob?
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702511
iptables -D FORWARD -s (ip of the host not allowed on the net) -j DROP
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702512
This will delete the rule
/Rob
0
 

Author Comment

by:learner79
ID: 10702527
Thank you so much...
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10702579
I'm happy to help
0
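
The block and unblock commands from this thread, wrapped as a small script (an added example, not part of the original posts). It inserts the DROP rules at position 1 instead of appending them, so an ACCEPT rule already in the FORWARD chain cannot shadow them, and it only accepts client addresses from the 192.168.168.0/24 LAN in the question. Assumptions: the function names, `DRY_RUN` and `LAN_IF` are hypothetical, and eth1 is taken to be the office LAN NIC as mentioned above.

```shell
#!/bin/sh
# Added example. With DRY_RUN=1 (the default) commands are only printed.
DRY_RUN="${DRY_RUN:-1}"
LAN_IF="${LAN_IF:-eth1}"       # assumption: office LAN NIC
LAN_PREFIX="192.168.168."      # client subnet from the question (/24)

ipt() {
    if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

# Accept only 192.168.168.2-254: not the router (.1), not other networks,
# and nothing that carries extra text after the address.
valid_client() {
    case "$1" in
        "$LAN_PREFIX"*) host=${1#"$LAN_PREFIX"} ;;
        *) return 1 ;;
    esac
    case "$host" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#host}" -le 3 ] && [ "$host" -ge 2 ] && [ "$host" -le 254 ]
}

block_client() {
    valid_client "$1" || { echo "refusing: $1 is not a LAN client" >&2; return 2; }
    # -I FORWARD 1 puts the rule first; -A would put it after existing ACCEPTs
    ipt -I FORWARD 1 -s "$1" -j DROP
}

unblock_client() {
    valid_client "$1" || { echo "refusing: $1 is not a LAN client" >&2; return 2; }
    if [ "$DRY_RUN" = 1 ]; then ipt -D FORWARD -s "$1" -j DROP; return; fi
    # A rule that was added twice must be deleted twice: repeat until none is left
    while iptables -D FORWARD -s "$1" -j DROP 2>/dev/null; do :; done
}

block_irc() {
    # The two ports named in the thread; clients can still reach IRC on other ports
    for port in 6666 6667; do
        ipt -I FORWARD 1 -i "$LAN_IF" -p tcp --dport "$port" -j DROP
    done
}

# Dry-run demo with the client from the question
block_client 192.168.168.10
block_irc
unblock_client 192.168.168.10
```

Run it as root with `DRY_RUN=0` to apply the rules, and check the result with `iptables -L FORWARD -n --line-numbers` before saving.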
