How do you control traffic between ports in a routing situation?

  1. So first, the WAN port machine only has one interface, eth0. This means that for iptables to do forwarding and filtering, you'll need to use the local IPv4 addresses/subnets of the Office, Server NET, and Guest networks. This way you can have FORWARD rules that say: DROP any packets from the guest IP network that are using port 53 (DNS) to any of the other local IP networks. You can even create custom chains in FORWARD to further scrutinize packets.
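The rules described above, written out as an added example that is not part of the original answer. The three subnets and the chain name `GUEST_FWD` are constructed placeholders; substitute the real Office, Server NET and Guest ranges.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset for a router whose only
# interface is eth0, so zones are told apart by source/destination subnet.
# Assumption: these subnets are constructed sample values, not from the post.
OFFICE_NET="192.168.10.0/24"
SERVER_NET="192.168.20.0/24"
GUEST_NET="192.168.30.0/24"

# gen_rules prints a filter-table ruleset on stdout (nothing is applied).
gen_rules() {
    echo "*filter"
    # Built-in policies are left at ACCEPT; only the DNS restriction is shown.
    echo ":INPUT ACCEPT [0:0]"
    echo ":FORWARD ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # Custom chain (hypothetical name) that scrutinizes guest-sourced packets.
    echo ":GUEST_FWD - [0:0]"
    # Interface matching cannot separate the zones, so match the guest subnet.
    echo "-A FORWARD -s $GUEST_NET -j GUEST_FWD"
    # DNS runs over both UDP and TCP port 53; drop both toward each local net.
    for dst in "$OFFICE_NET" "$SERVER_NET"; do
        for proto in udp tcp; do
            echo "-A GUEST_FWD -d $dst -p $proto --dport 53 -j DROP"
        done
    done
    # Anything else from the guest net falls back to the rest of FORWARD.
    echo "-A GUEST_FWD -j RETURN"
    echo "COMMIT"
}

# Syntax check without committing (needs root):
#   gen_rules | iptables-restore --test
```

Without `--noflush`, `iptables-restore` replaces the existing filter table, so merge these lines into the full ruleset before loading it on a live router.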

