diff --git a/Central-router.startup b/Central-router.startup
index f93d370..3f88000 100755
--- a/Central-router.startup
+++ b/Central-router.startup
@@ -38,7 +38,7 @@ sysctl -w net.ipv4.ip_forward=1
 iptables -t nat -A POSTROUTING -s 10.0.6.0/24 -o eth0 -j ACCEPT
 
 # Reject NAT for Services subnet
-iptables -t nat -A POSTROUTING -s 10.0.5.0/24 -0 eth0 -j ACCEPT
+iptables -t nat -A POSTROUTING -s 10.0.4.0/24 -o eth0 -j ACCEPT
 
 # Source NAT rules
 iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
@@ -100,4 +100,4 @@ iptables -A FORWARD -s 10.0.2.0/24 -d 10.0.5.4 -p icmp --icmp-type 8 -m state --
 iptables -A FORWARD -s 10.0.2.0/24 -d 10.0.5.3 -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED -j DROP
 
 # Drop incoming ICMP Echo Request (ping) from LDAP to External subnet
-iptables -A FORWARD -s 10.0.5.3 -d 10.0.2.0/24 -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED -j DROP
\ No newline at end of file
+iptables -A FORWARD -s 10.0.5.3 -d 10.0.2.0/24 -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED -j DROP
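Review bot: The corrected rule under "# Reject NAT for Services subnet" now exempts 10.0.4.0/24 from source NAT, yet the FORWARD rules in the second hunk place LDAP at 10.0.5.3 and another host at 10.0.5.4, so please confirm that Services really is 10.0.4.0/24 and that 10.0.5.0/24 is meant to fall through to the MASQUERADE rule below. Since the old line used `-0`, iptables presumably rejected it and no exemption was ever installed, which would make this commit a change in live behaviour, not only a typo fix. The comment says "Reject", but `-j ACCEPT` in the nat table only skips translation: the packets are still forwarded out eth0 with their internal source address unless a FORWARD rule drops them. I would reword the comment to `# Exempt Services subnet (10.0.4.0/24) from source NAT; this does not block forwarding`.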