Block all traffic from one internal subnet to a different internal subnet


Post by sbuchanan0613 » 2019/02/28 19:33:50

Good Morning,

How can I block traffic from 192.168.1.0/24 to 192.168.2.0/24 with a CentOS 7 gateway router machine (firewalld preferred)? The CentOS router machine has network connectivity to the internet that I want to allow from the 192.168.1.0/24 subnet; however, I don't want that subnet to have access to any machines on the 192.168.0.2/24 network. The catch is that I want to be able to access the 192.168.0.1/24 subnet from the 192.168.0.2/24 subnet.

192.168.0.1/24 -> router -> Internet
192.168.0.1/24 -> router X 192.168.0.2/24
192.168.0.2/24 -> router -> 192.168.0.1/24

Please let me know the best solution. Thanks in advance.

Regards,
Steve



Re: Block all traffic from one internal subnet to a different internal subnet

Post by sbuchanan0613 » 2019/03/04 19:44:25

This thread can be closed:

Solution:
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -s 192.168.1.0/24 -d 192.168.2.0/24 -j DROP
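
Added example, not part of the original post: a DROP keyed only on source and destination subnet also matches the reply packets of connections opened from the other side, so a one-way block needs an accept for established connections to be evaluated before it. The script below checks an `iptables -S` dump for that ordering; the function name `audit_oneway`, the sample dump, and the `FORWARD_direct` chain name (where firewalld's iptables backend is assumed to place direct rules) are assumptions.

```bash
#!/usr/bin/env bash
# Added example: audit an `iptables -S` dump for a one-way block between subnets.
# On the router: iptables -S | audit_oneway 192.168.1.0/24 192.168.2.0/24

# Constructed sample dump (not captured from a real router). FORWARD_direct as the
# chain holding firewalld direct rules is an assumption about the iptables backend.
SAMPLE_RULES='-P FORWARD ACCEPT
-N FORWARD_direct
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -j FORWARD_direct
-A FORWARD_direct -s 192.168.1.0/24 -d 192.168.2.0/24 -j DROP'

# audit_oneway SRC DST   (ruleset on stdin); prints one of:
#   ok         DROP SRC->DST is reachable and an unrestricted ESTABLISHED accept precedes it
#   stateless  DROP is reachable but nothing accepts reply packets before it
#   no-drop    no reachable DROP rule for SRC->DST
audit_oneway() {
  awk -v src="$1" -v dst="$2" '
    $1 == "-A" && $2 == "FORWARD" {
      n++   # rule position within FORWARD
      if (!est && $0 ~ /--ctstate [A-Z,]*ESTABLISHED/ && $0 ~ /-j ACCEPT/ && $0 !~ / -[sdio] /) est = n
      if (!jump && $0 ~ /-j FORWARD_direct/) jump = n
    }
    $1 == "-A" && ($2 == "FORWARD" || $2 == "FORWARD_direct") && /-j DROP/ && !dchain {
      s = ""; d = ""
      for (i = 3; i < NF; i++) { if ($i == "-s") s = $(i + 1); if ($i == "-d") d = $(i + 1) }
      if (s == src && d == dst) { dchain = $2; dn = n }
    }
    END {
      # A rule in FORWARD_direct is evaluated where FORWARD jumps to that chain.
      pos = (dchain == "FORWARD") ? dn : (dchain == "" ? 0 : jump)
      if (!pos) { print "no-drop"; exit }
      print ((est && est < pos) ? "ok" : "stateless")
    }'
}

# Run against the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | audit_oneway 192.168.1.0/24 192.168.2.0/24
```

A result of `stateless` means hosts in the destination subnet can send packets to the source subnet but will never see the replies.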
