[Shorewall-users] Blocking rfc1918 addresses with one exception

Tom Eastep teastep@shorewall.net
Sat, 20 Apr 2002 14:20:27 -0700 (PDT)

On Sat, 20 Apr 2002, Drew Reed wrote:

> Hi
> I've come across a small problem with the rfc1918 address blocking on
> my internet interface.
> I'm connected via a cable modem and it has an internal web server that
> allows me to configure/monitor it but as expected if I enable rfc1918
> blocking for my eth0 interface (the internet one) it also blocks the
> cable modem's web server.  Is there any way it can add a rule before the
> rfc1918 blocking that will let all traffic to and from the
> address of the modem in/out but still block all other rfc1918 addresses?

Since this seems to be a popular question, I've added it as FAQ #14.


Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net