Hi there,
Recently I've been trying to use a Linux machine (Fedora 14 64-bit) to share some services with different user groups, and I'm wondering whether the scenario/filtering below can be achieved.
[Management Network]
Interface: eth0
IP address: 10.0.1.0/24
[Network 1]
Interface: eth1.100
IP address: 172.0.1.0/24
[Network 2]
Interface: eth1.101
IP address: 192.168.1.0/24
If I'm using SSH to access the Fedora machine with IP address 10.0.1.100/24, then while I'm in this SSH session, if I try to ping IP address 172.0.1.100/24, I want iptables to drop the packet. Only when I SSH into the machine with an IP address from the 172.0.1.0/24 subnet should I be able to ping through to the 172.0.1.0/24 network. The same goes for network 192.168.1.0/24: only when I SSH in with a source IP from the 192.168.1.0/24 network can I access the 192.168.1.0/24 network.
I hope you can kindly advise whether this is workable.
Cheers,
13