TransWikia.com

Block access to an ip and port using iptables on my routers

Super User Asked by SKK on December 1, 2021

I have set up 2 routers as follows:

Router (A) connects to the internet; Router (B)'s WAN port connects to the LAN port of Router A, making it a gateway behind another gateway.

Router A LAN/Gateway IP: 192.168.1.1

Router B WAN IP: 192.168.1.2 and Gateway IP after NAT: 192.168.2.1

I am trying to block access to Router A's admin page hosted on 192.168.1.1 from the LAN of Router B, whose LAN IP addresses are 192.168.2.1/24. I used the following on the firewall of Router B, which seems to be failing.

#iptables -I OUTPUT -d 192.168.1.1 -p tcp --dport 80 -j REJECT --reject-with tcp-reset

Can anyone tell me where I went wrong?

UPDATE:
This is the solution:

iptables -I FORWARD -d 192.168.1.1 -p tcp --dport 80 -j REJECT --reject-with tcp-reset

Thanks!
KK

One Answer

UPDATE: Since the box works as a router, a routed packet only passes the FORWARD chain (neither INPUT nor OUTPUT). It will work if you use the FORWARD chain instead of OUTPUT.

Answered by fratester on December 1, 2021
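
The chain selection described in the answer, as an added example that is not part of the original question or answer: a simplified Python model of the filter table on Router B, in which each packet traverses exactly one of INPUT, OUTPUT or FORWARD. The LAN client address 192.168.2.50 and all names in the code are constructed for illustration.

```python
from ipaddress import ip_address
from typing import NamedTuple, Optional

# Addresses owned by Router B in the page's topology (WAN side and LAN side).
ROUTER_B_ADDRS = {ip_address("192.168.1.2"), ip_address("192.168.2.1")}

class Packet(NamedTuple):
    src: str
    dst: str
    proto: str
    dport: int

class Rule(NamedTuple):
    chain: str            # INPUT, OUTPUT or FORWARD
    dst: Optional[str]    # -d
    proto: Optional[str]  # -p
    dport: Optional[int]  # --dport
    target: str           # ACCEPT, REJECT or DROP

def filter_chain(pkt, local=ROUTER_B_ADDRS):
    """Pick the filter-table chain a packet traverses on the router (simplified)."""
    if ip_address(pkt.src) in local:
        return "OUTPUT"    # generated by the router itself
    if ip_address(pkt.dst) in local:
        return "INPUT"     # addressed to the router itself
    return "FORWARD"       # routed through the router

def verdict(rules, pkt, policy="ACCEPT"):
    """First matching rule in the packet's chain wins, else the chain policy."""
    chain = filter_chain(pkt)
    for r in rules:
        if r.chain != chain:
            continue       # rules in other chains are never consulted
        if r.dst is not None and ip_address(r.dst) != ip_address(pkt.dst):
            continue
        if r.proto is not None and r.proto != pkt.proto:
            continue
        if r.dport is not None and r.dport != pkt.dport:
            continue
        return r.target
    return policy

OUTPUT_RULE = Rule("OUTPUT", "192.168.1.1", "tcp", 80, "REJECT")    # first attempt
FORWARD_RULE = Rule("FORWARD", "192.168.1.1", "tcp", 80, "REJECT")  # working rule

# Constructed sample packets.
LAN_CLIENT = Packet("192.168.2.50", "192.168.1.1", "tcp", 80)   # LAN host to Router A
FROM_ROUTER = Packet("192.168.1.2", "192.168.1.1", "tcp", 80)   # Router B's own traffic
LAN_HTTPS = Packet("192.168.2.50", "192.168.1.1", "tcp", 443)   # same host, other port
```

In this model `verdict([OUTPUT_RULE], LAN_CLIENT)` is ACCEPT and `verdict([FORWARD_RULE], LAN_CLIENT)` is REJECT. `LAN_HTTPS` is still accepted under the FORWARD rule because it matches only `--dport 80`, so any other port the admin page listens on needs its own rule.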
