iptables issue

Tim Roberts

I have one (wireless) device that I'm trying to fully block (via iptables - not via mac address). I've entered drop rules on the input/forward/output and from the ssh session - I can't reach the device. However, I can still reach it from other computers on the network.

Situation:
192.168.1.10 - wireless device I want to block access to
192.168.1.130 - pc connected to the lan port on the router

IP rules (I've both entered these directly and in a firewall-start script):
iptables -I INPUT 1 -s 192.168.1.10 -d 0/0 -j DROP
iptables -I INPUT 1 -s 0/0 -d 192.168.1.10 -j DROP
(above repeated with FORWARD and OUTPUT)

I've verified they are in place via "iptables -L"

From the SSH session - pinging or curl will result in connection issues (correctly)
However - from 192.168.1.130 - I can still ping/curl the device successfully.

Obviously I'm missing something important here - I would have thought the FORWARD rules would have caught stuff going from one of the eth to the wlan (?) but I'm obviously wrong...

Any help/insight would be appreciated!

Thanks,
Tim
 
LAN traffic doesn't go through the firewall, it goes directly between devices over a bridge.
 
You can have some control over it, using ebtables instead of iptables.
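
A bridge-level equivalent of the rules in the question, as an added example that is not part of the original thread or anyone's posted configuration. It assumes the wireless interface is a port of the router's LAN bridge and that the installed ebtables has the ip and arp match modules; the function names, the APPLY variable and the file name are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): bridge-level rules isolating one host.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split into octets; only digits and dots remain here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: bridge_block_rules IP [add|del]
# Prints the ebtables commands; also runs them when APPLY=1 (needs root).
bridge_block_rules() {
    is_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 2; }
    case "${2:-add}" in
        add) op=-I ;;
        del) op=-D ;;
        *)   echo "action must be add or del" >&2; return 2 ;;
    esac
    # FORWARD in the bridge filter table sees frames switched between bridge
    # ports (e.g. LAN port <-> wireless interface). ARP is dropped as well so
    # the host cannot resolve, or be resolved by, its neighbours.
    for match in \
        "-p IPv4 --ip-src $1" \
        "-p IPv4 --ip-dst $1" \
        "-p ARP --arp-ip-src $1" \
        "-p ARP --arp-ip-dst $1"
    do
        echo "ebtables $op FORWARD $match -j DROP"
        if [ "${APPLY:-0}" = 1 ]; then
            # $match is left unquoted on purpose so it splits into arguments
            ebtables "$op" FORWARD $match -j DROP || return 1
        fi
    done
}

# Dry run from the command line: sh block-host.sh 192.168.1.10
if [ "$#" -gt 0 ]; then bridge_block_rules "$@"; fi
```

Without APPLY=1 the function only prints the four commands, so the output can be reviewed or pasted into a firewall-start script; `ebtables -L FORWARD --Lc` then shows per-rule packet counters to confirm the rules are being hit.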
 
