19:22 <gchristensen> I've setup two subnets on my router, using two internal NICs to divide them... one on 10.5.3.x the other 10.99.99.x. I'm surprised that out of the box the machines on A and the machines on B can talk to each other. how would I shut that down?

19:23 <gchristensen> something like:

19:23 <gchristensen> ip46tables -A FORWARD -m state --state NEW -i ${internalWiredInterface} -o ${internalSegregatedInterface} -j DROP

19:23 <cransom> iptables forwarding rules to block that

19:23 <gchristensen> ip46tables -A FORWARD -m state --state NEW -i ${internalSegregatedInterface} -o ${internalWiredInterface} -j DROP

19:23 <gchristensen> ?

19:23 <gchristensen> or maybe even drop -m state --state NEW ... ?

19:26 <cransom> i do https://gist.github.com/cransom/3fdce43532073e902b385263629960be - eno1.10 is wan, 20 is lan, 25 is lab. lan can access bench, bench can only access wan.

19:27 <gchristensen> oh cool

19:27 <gchristensen> I need to find some switches which support vlans

19:29 <gchristensen> 25 = lab = bench ?

19:29 <cransom> oh, er yeah.

19:58 <gchristensen> aaand it was a good choice to segregate this corporate laptop from the rest of my network.

20:04 <cransom> somebody doing something funny?

20:04 <gchristensen> they're definitely looking around the neighborhood