Hello, Thanks. I'll check out that link. Question, can I get some help setting up iptables and quality of service? Thanks. Dave. On 12/21/18, Jason White via Blind-sysadmins <blind-sysadmins@lists.hodgsonfamily.org> wrote:
My understanding is that this isn't a typical iptables problem, since devices on the same LAN will discover each other using Address Resolution Protocol in IPv4 and neighbor discovery in IPv6. See the answer at https://superuser.com/questions/1257317/how-to-isolate-device-on-a-router-to...
You may have to set up filtering at the MAC address level, which Linux can do. I've never used it, but it is supported.
-----Original Message----- From: David Mehler <dave.mehler@gmail.com> Sent: Thursday, December 20, 2018 8:41 PM To: Blind sysadmins list <blind-sysadmins@lists.hodgsonfamily.org> Subject: [Blind-sysadmins] Re: any iptables experts?
Hello,
I've got two guest networks both running on Raspberry Pis. I want to ap isolate any clients that connect to them, so they can only connect to the internet, they can not talk to any other device on that network. Second thing i'd like to do is band width throttle them. I do not have the iptables know-how and I have tried to learn, to pull this off, i'd appreciate any help.
Thanks. Dave.
On 12/17/18, philrigby62@gmail.com <philrigby62@gmail.com> wrote:
Maybe so but, from a quick glance, hardly something that could be deployed in a fully-managed infrastructure supporting large scale IT platforms for major international customers which is the arena I work in.
Regards, Phil.
-----Original Message----- From: Can Kırca <cankirca@gmail.com> Sent: 17 December 2018 05:42 To: Blind sysadmins list <blind-sysadmins@lists.hodgsonfamily.org> Subject: [Blind-sysadmins] Re: any iptables experts?
Acording to my experiences, CSF from Config Server better than only iptables and/or firewalld on HREL7. It has detailed documentation and compatible with iptables, command structure is so easy. https://www.configserver.com/cp/csf.html
2018-12-17 0:55 GMT+03:00, philrigby62@gmail.com <philrigby62@gmail.com>:
Don't forget also that, if you are using RHEL 7, you have the option of using firewalld and the firewall-cmd command to specify host-based firewall rules. It is a much simpler interface and well worth using instead of iptables commands if you aren't trying to do anything really complex.
Cheers, Phil.
-----Original Message----- From: Jason White via Blind-sysadmins <blind-sysadmins@lists.hodgsonfamily.org> Sent: 16 December 2018 21:17 To: 'Blind sysadmins list' <blind-sysadmins@lists.hodgsonfamily.org> Cc: Jason White <jason@jasonjgw.net> Subject: [Blind-sysadmins] Re: any iptables experts?
I've written Iptables rules, but not recently, and I wouldn't consider myself to be an expert. I recommend using the following tutorial as your reference: https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html
Note also that iptables is being superseded by nftables, for which I haven't found much documentation.
-----Original Message----- From: David Mehler <dave.mehler@gmail.com> Sent: Friday, December 14, 2018 1:27 PM To: blind-sysadmins <blind-sysadmins@lists.hodgsonfamily.org> Subject: [Blind-sysadmins] any iptables experts?
Hello,
If we have any iptables experts please contact me privately. I am not and I can not wrap my head around iptables, I am trying to do two adjustments to a raspberry pi firewall (without breaking anything), and wanting to add two features.
Help appreciated.
Thanks. Dave. _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org
-- Can Kırca _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org
_______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org