Hi everyone!

I have my assignment to create a network with VMware. They all run Linux. There is 1 firewall and 2 hosts.

The problem is the firewall has 2 NICs (Internal "eth1" and External "eth2") and 1 NAT NIC "eth0". The Internal and External NICs are connected to the Internal Network and External Network.

eth1 192.168.1.1/24
eth2 172.16.1.1/16

I am using iptables for blocking each network. I used many commands on iptables which can block ICMP, such as

#Drop traffic destined to the 172.16.0.0 network coming from the 192.168.1.0 network
iptables -A INPUT -i eth1 -d 172.16.0.0/16 -j DROP

>>> The result is a PC from 192.168.1.0/24 cannot ping the gateway 172.16.1.1 but can still ping hosts of that network.

So I put everything to block:
iptables -A INPUT -i eth2 -d 172.16.0.0/16 -j DROP
iptables -A INPUT -i eth1 -d 192.168.1.0/24 -j DROP
iptables -A INPUT -i eth2 -d 192.168.1.0/24 -j DROP

And the result is the 2 hosts of the 2 networks cannot ping both gateways. However, they still can ping each other....

I don't know if it is because 2 NICs sitting in 1 computer cause this problem.

Does anyone have any solution for this...
I want to separate the 2 networks.

Thanks a lot.
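An added example, not part of the original post, that models why the INPUT-chain rules above block pings to the gateways but not host-to-host traffic: a packet addressed to one of the firewall's own IPs traverses INPUT, while a packet the firewall routes to another host traverses FORWARD and never touches INPUT. The interface names and gateway addresses are the post's; the host addresses 172.16.1.50 and 192.168.1.20, the FORWARD rules, and the default ACCEPT policy are assumptions made for this example.

```python
import ipaddress

# Addresses the firewall itself owns (from the post).
LOCAL_ADDRS = {"192.168.1.1", "172.16.1.1"}

def parse_rule(line):
    """Parse the subset of iptables syntax used here: -A CHAIN -i IF -d NET -j TARGET."""
    tok = line.split()
    rule = {}
    for flag, key in (("-A", "chain"), ("-i", "in_if"), ("-d", "dst"), ("-j", "target")):
        if flag in tok:
            rule[key] = tok[tok.index(flag) + 1]
    rule["dst"] = ipaddress.ip_network(rule.get("dst", "0.0.0.0/0"))
    return rule

def verdict(rules, in_if, dst):
    """Return the verdict for a packet arriving on in_if and addressed to dst.

    Locally destined packets traverse INPUT; packets the firewall must route
    to another host traverse FORWARD. Chain policy is assumed to be ACCEPT.
    """
    chain = "INPUT" if dst in LOCAL_ADDRS else "FORWARD"
    dst_ip = ipaddress.ip_address(dst)
    for r in rules:
        if r["chain"] == chain and r.get("in_if", in_if) == in_if and dst_ip in r["dst"]:
            return r["target"]
    return "ACCEPT"

# The rules from the post (typo corrected): all of them live in INPUT.
POSTED = [parse_rule(l) for l in [
    "iptables -A INPUT -i eth1 -d 172.16.0.0/16 -j DROP",
    "iptables -A INPUT -i eth2 -d 172.16.0.0/16 -j DROP",
    "iptables -A INPUT -i eth1 -d 192.168.1.0/24 -j DROP",
    "iptables -A INPUT -i eth2 -d 192.168.1.0/24 -j DROP",
]]

# Assumed fix: filter routed traffic in FORWARD, which is the chain it actually hits.
SEPARATED = POSTED + [parse_rule(l) for l in [
    "iptables -A FORWARD -i eth1 -d 172.16.0.0/16 -j DROP",
    "iptables -A FORWARD -i eth2 -d 192.168.1.0/24 -j DROP",
]]

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("separated", SEPARATED)):
        # Ping to the far gateway vs. ping to a constructed host behind it.
        print(name, "eth1->172.16.1.1:", verdict(rules, "eth1", "172.16.1.1"),
              "eth1->172.16.1.50:", verdict(rules, "eth1", "172.16.1.50"))
```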