Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Masquerading working, but "Outside" network can still route inbound

    Hi, I am curious about a workshop/test setup I have here..

    I have a Linux box setup with two NICs -

    eth0 (WAN) -
    eth1 (LAN) -

    Default GW

    I've enabled kernel IP forwarding and configured masquerading on eth0 -

    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

    As expected, devices on can access the Internet via masquerading on

    If a rogue device on the segment (ie sets a static route for via this device can route directly to LAN devices. Is this normal behavior? How could this be stopped?

    Cheers and thanks.

  2. #2

    Well, you cannot given the setup you have configured. If you think about it, it's all working as it should be. The thing you need to address is what is the inbound traffic from You probably need to configure a firewall against restricting what connections you want to allow through it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts