VLAN, allow traffic in.

[Kocrachon]

Hey All,

I am new to setting up vlans, and I am trying to figure out how to allow my Vlan "10" to allow traffic from my VLAN "1"

Here is my current config I got from another post on here. Basically. I want my VLAN1 to be able to speak to my VLAN10 if it initiates contact.

Basically, I have a game server I am hosting. Right now, its perfectly isolated. However, when I try to connect ot the server myself, my router tries to route me to it locally even if I use external IP, so the connection fails without a VPN.

So I am wondering, is there a way for me to say, VLAN1 can reach out and talk to VLAN10, but VLAN10 can only respond, it cannot reach out to VLAN1. So that way if the server in compromised, no one can communicate with my PC or other servers on the network, but I will be able to actively connect to my server without a VPN.


#!/bin/sh

# force LAN port 4 to use the Guest network
robocfg vlan 1 ports "1 2 3 4t 8t"
robocfg vlan 10 ports "4 8t"
vconfig add eth0 10
ifconfig vlan10 up
brctl addif br0 vlan10
ebtables -t broute -I BROUTING -p IPv4 -i vlan10 --ip-dst 192.168.1.0/24 --ip-proto tcp -j DROP
ebtables -t filter -I FORWARD -i vlan10 -o ! vlan2 -j DROP
ebtables -t filter -I FORWARD -i ! vlan2 -o vlan10 -j DROP