Mdthbs

What skills in 5e give trap knowledge (i.e. the equivalent of Dungeoneering in 4e)?

Generate Brainfuck for the numbers 1–255

Plausibility of Ice Eaters in the Arctic

Dropdowns & Chevrons for Right to Left languages

Three legged NOT gate? What is this symbol?

During the Space Shuttle Columbia Disaster of 2003, Why Did The Flight Director Say, "Lock the doors."?

Tikzpicture - finish drawing a curved line for a cake slice

What is the difference between 型 and 形?

How to create all combinations from a nested list while preserving the structure using R?

Visa National - No Exit Stamp From France on Return to the UK

Is Texas Instrument wrong with their pin number on TO-92 package?

Am I overreacting to my team leader's unethical requests?

Infeasibility in mathematical optimization models

AsyncDictionary - Can you break thread safety?

What is the difference between TAS and GS?

Identification of vintage sloping window

Write an interpreter for *

Team goes to lunch frequently, I do intermittent fasting but still want to socialize

What are the uses and limitations of Persuasion, Insight, and Deception against other PCs?

Word or idiom defining something barely functional

Wherein the Shatapatha Brahmana it was mentioned about 8.64 lakh alphabets in Vedas?

How to avoid the "need" to learn more before conducting research?

What are the conventions for transcribing Semitic languages into Greek?

Who are these characters/superheroes in the posters from Chris's room in Family Guy?

How to block traffic from one subnet to another *except* for one location

Use DD-WRT to auto WOL when traffic is on same subnetHow can I block a specific URL on a DD-WRT router?How to properly port forwarding between different machines using UFW / iptables and DD-Wrt?Iptables drop access to specific ip address except from my ipHow to get Pi-Hole to work with IPv6?dd-wrt: prevent VAP from accessing the internetset DNS entry for hostname for the DD-WRT DNS router itself

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}

0

I'm using DD-WRT on my home router and I'm using a Pi-Hole for the DNS server.

The main network is 192.168.1.0/24. The default route is .1.1 and the Pi-Hole is sitting at .1.2 (static).

I've created a guest network of 192.168.2.0/24. I want to block all addresses on the .1.0/24 subnet from .2.0/24 subnet except for the Pi-Hole address (.1.2). How do I do this?

dd-wrt pi-hole

share|improve this question

asked 1 hour ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

0

I'm using DD-WRT on my home router and I'm using a Pi-Hole for the DNS server.

The main network is 192.168.1.0/24. The default route is .1.1 and the Pi-Hole is sitting at .1.2 (static).

I've created a guest network of 192.168.2.0/24. I want to block all addresses on the .1.0/24 subnet from .2.0/24 subnet except for the Pi-Hole address (.1.2). How do I do this?

dd-wrt pi-hole

share|improve this question

asked 1 hour ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

I'm using DD-WRT on my home router and I'm using a Pi-Hole for the DNS server.

The main network is 192.168.1.0/24. The default route is .1.1 and the Pi-Hole is sitting at .1.2 (static).

I've created a guest network of 192.168.2.0/24. I want to block all addresses on the .1.0/24 subnet from .2.0/24 subnet except for the Pi-Hole address (.1.2). How do I do this?

dd-wrt pi-hole

share|improve this question

asked 1 hour ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked 1 hour ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked 1 hour ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 1 hour ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 1 hour ago

andrew997andrew997

1

1 Answer
1

active

oldest

votes

0

Just to answer my own question... This seems to have done the trick:

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.2 -j ACCEPT

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.2 -j ACCEPT

share|improve this answer

answered 24 mins ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

andrew997 is a new contributor. Be nice, and check out our Code of Conduct.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f535076%2fhow-to-block-traffic-from-one-subnet-to-another-except-for-one-location%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

Just to answer my own question... This seems to have done the trick:

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.2 -j ACCEPT

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.2 -j ACCEPT

share|improve this answer

answered 24 mins ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

0

Just to answer my own question... This seems to have done the trick:

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.2 -j ACCEPT

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.2 -j ACCEPT

share|improve this answer

answered 24 mins ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

Just to answer my own question... This seems to have done the trick:

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.2 -j ACCEPT

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.2 -j ACCEPT

share|improve this answer

answered 24 mins ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.0/24 -j DROP

iptables -I FORWARD -s 192.168.2.0/24 -d 192.168.1.2 -j ACCEPT

iptables -I FORWARD -s 192.168.3.0/24 -d 192.168.1.2 -j ACCEPT

share|improve this answer

answered 24 mins ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 24 mins ago

andrew997andrew997

1

New contributor

andrew997 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 24 mins ago

andrew997andrew997

1