alverta_Deckow answered on October 8th 19 at 00:41
and route-n who will show? you never know what you have there heaped
Alfred_Greenho answered on October 8th 19 at 00:43
you have eth1 and eth2 in one switch stuck?
montana.Lang34 answered on October 8th 19 at 00:45
try to INPUT additionally Sweeney:
Delbert_Bauch answered on October 8th 19 at 00:47
It seems all right, it's hard to tell, but I would check
and in the FORWARD chain if there's a rule that comes before
iptables-A FORWARD -i eth2 -o eth1 -j DROP
and pass packets
and level switch all separated (although this question was already asked)
— but can the packages forwarded lan2 — lan0 — lan1, though like the normal route...
— by the way, on machines from lan2 — lan1 gateways are correct?
— try to log packets in iptables logs or look at them from a tcpdump-Ohm — to learn how they still leak
Selena_Rath99 answered on October 8th 19 at 00:49
Firewall rules work on a first match from top to bottom. If the above is a rule that falls under this traffic, all others will not be triggered.
Peggie_Brek answered on October 8th 19 at 00:51
Put MikroTik ROS and do not suffer if traffic is not very much.
Here are the rules from ROS, I think for iptables will think of how to rewrite