From mboxrd@z Thu Jan 1 00:00:00 1970 From: Don Gould Date: Wed, 04 May 2011 21:30:17 +0000 Subject: [LARTC] SMB traffic routing/blocking... Message-Id: <4DC1C569.3040705@bowenvale.co.nz> MIME-Version: 1 Content-Type: multipart/mixed; boundary="===============0912271176==" List-Id: To: lartc@vger.kernel.org This is a multi-part message in MIME format. --===============0912271176== Content-Type: multipart/alternative; boundary="------------030809020202040002020403" This is a multi-part message in MIME format. --------------030809020202040002020403 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Dear Spammers, Thanks for waking everyone on the list up last night. ;) Dear List, Now that you're all awake, and following the number of requests for some technical discussion, here's my current challenge on my little research project... Yes, I'm wanting to figure out the following for a Mikrotik RB750G router, but AIUI the mkt runs a Linux core, so my request is on topic ;) I've got a number of networks on my router.... 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24 192.168.1.2 can ping 192.168.2.2, 192.168.3.2, 192.168.4.2 That's cool. However I don't want people on 2.0 to be able to see computers in 3.0 or 4.0, etc. I also don't want them to be able to establish windows networking connections -- so basically samba/smb connections. However I do what 192.168.2.0/24, 192.168.3.0/24, 192.168.4.0/24 to be able to use a NAS in 192.168.1.0/24. So I need to drop some traffic unless it's heading to my NAS IP (192.168.1.2 for sake of argument). I do want users in 192.168.x.0/24 to be able to see each other though. I'm using a Mikrotik 750G with router OS5 on it, lic 4. TIA D -- Don Gould 31 Acheson Ave Mairehau Christchurch, New Zealand Ph: + 64 3 348 7235 Mobile: + 64 21 114 0699 --------------030809020202040002020403 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit

Dear Spammers,

Thanks for waking everyone on the list up last night. ;)

Dear List,

Now that you're all awake, and following the number of requests for some technical discussion, here's my current challenge on my little research project...

Yes, I'm wanting to figure out the following for a Mikrotik RB750G router, but AIUI the mkt runs a Linux core, so my request is on topic ;)

I've got a number of networks on my router....

192.168.1.0/24
192.168.2.0/24
192.168.3.0/24
192.168.4.0/24

192.168.1.2 can ping 192.168.2.2, 192.168.3.2, 192.168.4.2

That's cool.

However I don't want people on 2.0 to be able to see computers in 3.0 or 4.0, etc.

I also don't want them to be able to establish windows networking connections – so basically samba/smb connections.

However I do what 192.168.2.0/24, 192.168.3.0/24, 192.168.4.0/24 to be able to use a NAS in 192.168.1.0/24.

So I need to drop some traffic unless it's heading to my NAS IP (192.168.1.2 for sake of argument).

I do want users in 192.168.x.0/24 to be able to see each other though.

I'm using a Mikrotik 750G with router OS5 on it, lic 4.

TIA


D

-- 
Don Gould
31 Acheson Ave
Mairehau
Christchurch, New Zealand
Ph: + 64 3 348 7235
Mobile: + 64 21 114 0699
--------------030809020202040002020403-- --===============0912271176== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc --===============0912271176==--