Code: Select all
Gateway|192.168.0.1
|
public |
eth1|192.168.0.30
+--------+---------+
| |
| Centos 7.6.1810 |
| |
+--------+---------+
eth0|10.0.0.30
trusted |
Now, my understanding of the public zone is that incoming traffic should be blocked unless otherwise matched to a rule, however we've recently discovered that machines external to the head node (ie others on the 192.x network) can access the private 10.x network by simply adjusting their routing tables and adding the head node as a gateway, eg (on Windows):
Code: Select all
route add 10.0.0.0 mask 255.255.255.0 192.168.0.30