Hello i have a system made of some machine (10-12) in my mail network, the one used by all users. It seems that something is interfering with this system once every while and i can't get an idea of what it is. They are configured with static IPs in the 192.168.1.0/24 network like other computer and servers and i can't change their address because a global reconfiguration o f the services while being in production is not reccomended. I also need to have some communication with the external world on some identified ports.
Basically i need to find a way to filter part of the traffic just to these group of devices, and my idea was to implement a bridge between the switch serving theses devices and the main network.
Any suggestion on how to correctly implemet this or other way to obtain the same result?
i have e suspect that some unwanted traffic and/or broadcast packets are creating confusion towards these devices.
thanks in advance
Re: Filter traffic on the same network
Lets take a step back, can you elabotate on "interfering with this system once every while"
What happens on this mail server(s) and why do you think its unwanted traffic?
How do you fix the problem currently?
The thing with filtering the traffic is it helps to know what exactly you looking for in the traffic.
What happens on this mail server(s) and why do you think its unwanted traffic?
How do you fix the problem currently?
The thing with filtering the traffic is it helps to know what exactly you looking for in the traffic.
Re: Filter traffic on the same network
It's not a mail server, that was a type, i meant main network. Basically is a server controlling a configuring some hardware devices using SNMP (i suppose). I get some messages from the server not communicating with devices and restoring the communication few moments later. I'v noticed that isolating this part of the network for some hours i didn't get any error.
So what i would like to do is to isolate this machines from the rest of the network with the exception of some known ports.
So what i would like to do is to isolate this machines from the rest of the network with the exception of some known ports.
Re: Filter traffic on the same network
On the forward chain:
- create a rule to allow traffic from anywhere to the server and specify the destination ports on the server.
- create a rule to allow traffic from your server to anything.
- create a rule to drop all traffic to the server.
- create a rule to allow traffic from anywhere to the server and specify the destination ports on the server.
- create a rule to allow traffic from your server to anything.
- create a rule to drop all traffic to the server.
Re: Filter traffic on the same network
Do you mean those rules on the bridge firewall?
That's what i had in mind , like a regular firewall with NAT
That's what i had in mind , like a regular firewall with NAT
Who is online
Users browsing this forum: edzaljb and 27 guests