Access restriction in subnets, how?

C

Caspergreen2016-02-19 13:31:01

Debian

Caspergreen, 2016-02-19 13:31:01

Good day, there is:
debian with billing installed, one eth0 interface;
eth0 - 192.168.0.2
two routers with different providers:
router1 - 192.168.0.50
router2 - 192.168.0.95
A dhcp server is running on the server where billing is installed.
It is necessary: that certain subnets pass through router2. I registered routes on the first router, I let 172.16.0.0/16 through the second router, everything goes fine, clients have access to another network. Next, you need to configure the following system:
Subnets that are specified on router2 should be opened without connecting to pppoe, and all other traffic that is not clogged in routes should be blocked. That is, the user (192.168.0.0/32) wants to open a site that is located on the 172.16.0.0/16 subnet, calmly opens it, and in order to gain access to the 192.168.1.0 subnet, he must raise PPPOE. PPPOE set up, set up billing, set up routes on routers. And I don’t know how to block and distribute. Can you help with the ipitables rule?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexander, 2016-02-19
@Kr1og5n

Explain more clearly what you want.
So far, I understand that you want to prohibit clients via dhcp from climbing somewhere, and allow clients via pppoe. In this case, it is necessary in the firewall settings to prohibit walking from the dhcp subnet where necessary, and give pppoe clients other addresses, and steer according to their own rules.