iptables

Ramin Alidousti ramin@UU.NET
Wed, 20 Jun 2001 11:36:21 -0400


On Wed, Jun 20, 2001 at 11:23:36AM -0400, Wenzhong Chen wrote:

> Hi Ramin,
> Thank you very much for your quick reply.
> Actually I am doing a project about web caching. The two switches are
> actually two Linux boxes. In each "switch" there are two NICs
> installed. Through a hub they connect to the other subnet's cache server and
> web server. The two "switches" connect to each other. I must write code at
> the kernel level to switch the client's requests to the cache server or
> web server. First I need to use iptables to do filtering, blocking the client's
> requests from switch1 to switch2 and redirecting them to the cache server. How can
> I do it?

So, are these Linux boxes performing switching or routing?

If routing, then you don't even need iptables but can create a static
route for the other subnet to null0 (although I don't know if this
is supported in iproute2, AND it is a very ugly solution, which leaves
you with the iptables solution). Use two subnets, read the netfilter
docs and filter the subnets.

If they are switching, you cannot use iptables on either one of
the Linux boxes because the switched frames do not reach the IP
stack where iptables lives (I think).

Ramin

> 
> James