[CLUG-tech] Bridging / Routing Question (IP Cop?)

Hendrik Visage hvjunk at gmail.com
Thu Feb 2 07:49:03 SAST 2006

On 2/1/06, Chris Nash <uhs2001 at webmail.co.za> wrote:
> Hi all.
> Basic setup:
> Adsl Router <--> IPCop <--> Local network switch ( <-->
> Linux mail server / Samba / DNS
>                                        <--> Wireless Network
> ( linking to clients.
> On IPCop is a green network. is a blue network.
> Adsl is a red network.
> I need to enable my green network to access the blue network but still
> protect it from the blue network.
> Would I do that kind of routing at the Samba box or on the IP Cop?
> And how?

Samba box using IPtables or something similar/on top of IPtables.

I would've swapped things around a tad so that all the networks (red,
blue and green) hang off the IPCop machine, but there might be physical
constraints in your case, thus I'll advise as second best option to
swap the blue and green networks around if possible, i.e.
ADSL-IPCop-WiFi(blue)-Samba-switch(green) and again install some
iptables on Samba.

In the first case you'll have to be careful to construct negative
rules to prevent the wifi network access to the green net, but still
give the wifi network internet access.
In my second best scenario the samba box is a "true" diode-firewall in
so far as it will only allow traffic from green network going out.

Hendrik Visage
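
The "diode-firewall" arrangement described in the reply above, sketched as an added example that is not part of the original thread: a shell function that prints an iptables-restore ruleset for a two-interface box. The function name, the interface names and the MASQUERADE rule are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset that makes a two-interface
# Linux box a one-way ("diode") firewall between green and blue.
# Load it with:  diode_rules eth0 eth1 | iptables-restore
# (this replaces the current filter and nat tables) and enable routing with:
#   sysctl -w net.ipv4.ip_forward=1

diode_rules() {
    green_if=$1   # trusted side: wired LAN (assumed name, e.g. eth0)
    blue_if=$2    # untrusted side: wireless and the path to IPCop (e.g. eth1)
    if [ -z "$green_if" ] || [ -z "$blue_if" ] || [ "$green_if" = "$blue_if" ]; then
        echo "usage: diode_rules GREEN_IF BLUE_IF (two different interfaces)" >&2
        return 1
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Traffic to the box itself: loopback, replies, and anything from green.
# Any service that blue must reach needs its own explicit INPUT rule.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $green_if -j ACCEPT
# Routed traffic: replies to connections that green opened are let back in.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Only green may open new connections towards blue.
-A FORWARD -i $green_if -o $blue_if -m conntrack --ctstate NEW -j ACCEPT
# Everything else, including new connections from blue, hits policy DROP.
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
# Assumption: hide green behind the box's blue address so that blue hosts
# and IPCop need no route to the green subnet.
-A POSTROUTING -o $blue_if -j MASQUERADE
COMMIT
EOF
}
```
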

