Fixed typo issues for SNAT reject rules for Services subnet
iArcanic committed Jul 21, 2023
1 parent 094e4cd commit 1b8dee6
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions Central-router.startup
Expand Up @@ -38,7 +38,7 @@ sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s 10.0.6.0/24 -o eth0 -j ACCEPT

# Reject NAT for Services subnet
iptables -t nat -A POSTROUTING -s 10.0.5.0/24 -0 eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.0.4.0/24 -o eth0 -j ACCEPT

# Source NAT rules
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
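
Review bot: The replacement rule changes the source subnet as well as the flag: the line carrying the `-0 eth0` typo matched `-s 10.0.5.0/24`, while the corrected line matches `-s 10.0.4.0/24`, and the commit message only mentions a typo. The FORWARD rules further down in this file refer to 10.0.5.3 as LDAP and to 10.0.5.4, so please confirm which subnet is meant as Services here; if it is 10.0.5.0/24, that traffic now falls through to the `-o eth0 -j MASQUERADE` rule below. The comment "Reject NAT" is also misleading, since `-j ACCEPT` in the nat POSTROUTING chain stops NAT-table traversal and leaves the packet untranslated rather than rejecting anything; wording such as "Exempt Services subnet from source NAT" would describe the rule.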
Expand Down Expand Up @@ -100,4 +100,4 @@ iptables -A FORWARD -s 10.0.2.0/24 -d 10.0.5.4 -p icmp --icmp-type 8 -m state --
iptables -A FORWARD -s 10.0.2.0/24 -d 10.0.5.3 -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED -j DROP

# Drop incoming ICMP Echo Request (ping) from LDAP to External subnet
iptables -A FORWARD -s 10.0.5.3 -d 10.0.2.0/24 -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED -j DROP
iptables -A FORWARD -s 10.0.5.3 -d 10.0.2.0/24 -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED -j DROP
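
Review bot: The old and new versions of the final rule (`-s 10.0.5.3 -d 10.0.2.0/24 ... -j DROP`) are identical as shown, so this looks like a whitespace or end-of-file newline change; it deserves a mention in the commit message, which only talks about the SNAT rules. On the rule itself, `-m state --state NEW,ESTABLISHED` narrows the DROP to echo requests in those two states, so a request that connection tracking classifies differently is not matched here; if the intent is to block all pings from LDAP to the External subnet, match on `-p icmp --icmp-type 8` alone.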
