12-02-2011
block windows file sharing traffic between networks
I have a LAN for users 192.0.3.0
I have a WAN for servers 192.0.0.0
I have a iptables capable router with a static route from 192.0.3.0 to 192.0.0.0
my problem is SMB file sharing traffic is leaking on to our 192.0.0.0 and causing congestion. I only have one printer IP address that needs to talk over 192.0.0.0
Can I use iptables to block traffic from all ip address from sending traffic over 192.0.0.0 except that one printer?
in short i need 192.0.3.102 to be the ONLY device that can talk to 192.0.0.10. NOTE: the iptables enabled router is on the 192.0.3.0 network.
Last edited by herot; 12-02-2011 at 12:28 PM..
8 More Discussions You Might Find Interesting
1. Windows & DOS: Issues & Discussions
We have a Windows Server 2003 box and I'd like to share a drive with a Sun Solaris box so that the Sun Solaris box can copy files to/from the Windows Server 2003.
I believe that Windows Services for UNIX 3.5 will allow me to do this, can anyone comfirm this ?
Also, any links on how to... (1 Reply)
Discussion started by: markgrimes
1 Replies
2. Linux
Did anybody can teach me how to set the premission in the samba server? How to i set the premission in one folder but two access right. With one folder but the user access rights is diffirent. One user can full access the folder, and another one user only read only.
thx for helping... (1 Reply)
Discussion started by: cloudlor
1 Replies
3. Solaris
Hi all,
I have a request from Developer team in my compagny, they would like to be able to share data between unix and windows world.
1. We would like to be able to see Unix data from Windows : ?Samba ?
2 We would like to be able to see windows data from Solaris (Mount point) : ?NFS server... (4 Replies)
Discussion started by: unclefab
4 Replies
4. HP-UX
Hi all,
Can anyone teach me how to mount windows file sharing on hp-ux
thanks (2 Replies)
Discussion started by: pantas manik
2 Replies
5. Solaris
Hi ,
We are trying to share a particular directory between solaris running from VMware installed on Win7 box] and windows box. We tried the SWAT utility of samba, and made all possible changes for sharing. We committed the changes and we were clueless what need to be done further.. referred... (0 Replies)
Discussion started by: BalajiUthira
0 Replies
6. Solaris
Hi guys
I need to create one directory on my Solaris 11 box and then share that directory on my LAN. I have only one disk of 500 GB which is more than enough for my needs.
I read SMB guide for Solaris and there is no guide how to achive share only on one directory, it has only tutorials for... (3 Replies)
Discussion started by: solaris_user
3 Replies
7. UNIX for Advanced & Expert Users
"Samba," I know, I know. However, I am a gov't worker and Samba is off the table. Does anyone have a recommendation for an off the shelf, secure solution? I've already suggested rsync and NFS services for Windows Server and got shot down. (4 Replies)
Discussion started by: LittleLebowski
4 Replies
8. Solaris
hiiii,
recently we installed samba in solaris 11 machine. and create filesystem and mounted it.
we want to mount the same file system in another windows machine through samba.
How share that file system to windows and how to mount in windows . (2 Replies)
Discussion started by: Brahmam CH
2 Replies
LEARN ABOUT DEBIAN
ipkungfu
ipkungfu(8) System Manager's Manual ipkungfu(8)
NAME
ipkungfu - An iptables-based firewall for Linux
SYNOPSIS
ipkungfu [ -c ] [ -t ] [ -d ] [ -h ] [ -v ] [ --quiet ] [ --panic ] [ --no-caching
DESCRIPTION
ipkungfu is an iptables-based Linux firewall. The primary design goals are security, ease of use, and performance, in that order. It takes
advantage of advanced features of iptables, tcpwrappers, and the Linux kernel. It also simplifies the configuration of internet connection
sharing, advanced routing, and other networking needs.
OPTIONS
-c (or --check)
Check whether ipkungfu is loaded, and report any command line options it may have been loaded with.
-t (or --test)
Runs a configuration test, and displays the results. Note that this does not test or display all configuration options. This
gives you an opportunity to verify that major configuration options are correct before putting them into action.
-d (or --disable)
Disables the firewall. It is important to know exactly what this option does. All traffic is allowed in and out, and in the
case of a gateway, all NATed traffic is forwarded (the option retains your connection sharing options). Custom rules are not
implemented, and deny_hosts.conf is ignored.
-f (or --flush)
Disables the firewall COMPLETELY. All rules are flushed, all chains are removed. Any port forwarding or internet connection
sharing will cease to work.
-h (or --help)
Displays brief usage information and exits.
-v (or --version)
Displays version information and exits.
--quiet Runs ipkungfu with no standard output
--panic Drops ALL traffic in all directions on all network interfaces. You should probably never use this option. The --panic option
is available for the highly unusual situation where you know that an attack is underway but you know of no other way to stop
it.
--failsafe If ipkungfu fails, --failsafe will cause all firewall policies to revert to ACCEPT. This is useful when working with ipkungfu
remotely, to prevent loss of remote access due to firewall failure.
--no-caching
Disables rules caching feature.
FILES
/etc/ipkungfu/ipkungfu.conf
/etc/ipkungfu/advanced.conf
/etc/ipkungfu/accept_hosts.conf
/etc/ipkungfu/deny_hosts.conf
/etc/ipkungfu/custom.conf
/etc/ipkungfu/log.conf
/etc/ipkungfu/redirect.conf
/etc/ipkungfu/services.conf
/usr/sbin/ipkungfu
/usr/share/doc/ipkungfu/AUTHORS
/usr/share/doc/ipkungfu/README
/usr/share/doc/ipkungfu/FAQ
/usr/share/doc/ipkungfu/ChangeLog
/usr/share/doc/ipkungfu/COPYING
SEE ALSO
iptables(8).
January 2003 ipkungfu(8)