Re: Joining 192.168.1.* to 192.168.1.* with filtering for only MS SQL Server?
- From: Jeroen Geilman <jeroen@xxxxxxxxx>
- Date: Sun, 26 Nov 2006 01:17:02 +0100
David wrote:
Hi all,
We have two networks:
a) 192.168.1.*
b) 192.168.2.*
We want to bridge them
I think you mean you want to *route* traffic.
Bridging is really quite different.
so that Microsoft SQL Server via TCP-IP can go
from a computer on a) to one on b). Ive been looking at etables and
iptables, and am not sure what would fullfill the purpose best.
iptables is easiest when using routing.
Has anyone done this, or have any suggestons. We dont want windows file
sharing, named pipes, DNS, DHCP to transerse between the bridges.
Then you definitely don't want bridging, as that connects the networks
completely.
You want selective routing, i.e. routing in combination with firewalling.
Can this be done, do we need to bring them into the same 192.168.* range,
for it to work?
Of course not - if you do that, you can neither route nor stop any traffic.
Or rather, you can stop traffic, and selectively bridge the networks, but it
will be more work to set up properly, and can have lots of unforeseen
consequences.
Each network is connected via a seperate network card to the gentoo linux
box, ideally via these it would be good to ssh into it.
If not I guess this can be done with a spare network card?
No need, as long as you can reach the Gentoo box from either of the two
connected networks.
Are the networks now connected and routed across the Gentoo box ?
If they are, your question is simply: how do I allow MS SQL traffic through,
but not anything else ?
If not, then you'd better stop and think about what kind of traffic you want
to route.
Which depends heavily on what other services you need to provide across the
router, and what kind you wish to prohibit.
A short rationale for why your network is set up the way it is would be a
really good place to start - do a little design work now, save yourself a
whole lot of worry later.
--
All your bits are belong to us.
.
- References:
- Prev by Date: Re: How to set default gw not by route command in linux?
- Next by Date: Re: PPTPD connection tracking
- Previous by thread: Re: Joining 192.168.1.* to 192.168.1.* with filtering for only MS SQL Server?
- Next by thread: IPChains
- Index(es):
Relevant Pages
|
