| Author |
Message |
Mika1974
Joined: 21 May 2010
Posts: 11
|
| Posted: Mon Jun 07, 2010 2:09 am Post subject: Allowing & securing private traffic between 2 nodes |
|
|
I started a new topic as I couldn't quite find on the forums what I was looking for. The library did not yield any results either (beyond setting up the private IPs on each machine).
The scenario: We want to let 2 nodes in the same Linode account communicate with each other securely. We've already set up the eth0:0 on both nodes and verified they were up and running properly.
The setup is two Fedora 13 machines. A web server with private eth0: 192.168.151.100 and a PostgreSQL server with private eth0: 192.168.151.200.
At the moment they cannot ping each other (times out). We are assuming this is due to our machines' firewall policy.
Question 1: With iptables, how do I allow traffic to and from only these machines?
Question 2: In what way can we secure the communications between Web and PostgreSQL servers? This obviously needs to be a resilient method that survives reboots etc.
Any help would be appreciated - once I've figured it out I'll add it to the Library for future reference. |
|
|
devjonfos
Joined: 29 Apr 2010
Posts: 44
Location: Oregon
|
| Posted: Mon Jun 07, 2010 9:05 am Post subject: |
|
|
Node 1:
...
iptables -A INPUT --src 192.168.151.200 -j ACCEPT
iptables -A INPUT --src 192.168.0.0/16 -j DROP
...
Node 2:
...
iptables -A INPUT --src 192.168.151.100 -j ACCEPT
iptables -A INPUT --src 192.168.0.0/16 -j DROP
...
And see "db3l" posts in this thread about snooping on the private datacenter LAN. |
|
|
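The rules from the answer above, as an added example that is not part of the thread or any poster's code: a shell function prints them with `-I` and explicit positions, so the ACCEPT stays ahead of the DROP even when the INPUT chain already ends in a catch-all REJECT, and it can narrow the database node to a single TCP port. Assumptions not taken from the thread: the function names, port 5432 (PostgreSQL's default), and `service iptables save` as the Fedora step that keeps the rules across reboots.

```shell
#!/bin/sh
# Added example, not from the thread. Prints iptables commands; review them,
# then pipe to `sh` as root to apply.
PRIVATE_NET=192.168.0.0/16   # range dropped in the thread's answer

# valid_private_ip IP: succeeds only for a dotted quad inside 192.168.0.0/16
valid_private_ip() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] && [ "$1" = 192 ] && [ "$2" = 168 ] || return 1
    [ "$3" -le 255 ] && [ "$4" -le 255 ]
}

# gen_rules PEER_IP [TCP_PORT]   (hypothetical helper name)
# Without TCP_PORT: accept everything from the peer, as in the thread.
# With TCP_PORT: accept only that port, ping and reply traffic from the peer.
# Either way every other source in PRIVATE_NET is dropped afterwards.
gen_rules() {
    peer=$1; port=${2:-}
    valid_private_ip "$peer" || { echo "bad peer: $peer" >&2; return 1; }
    case "$port" in *[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    n=1   # -I with an explicit position keeps ACCEPT ahead of DROP
    if [ -n "$port" ]; then
        echo "iptables -I INPUT $n -s $peer -p tcp --dport $port -j ACCEPT"; n=$((n+1))
        echo "iptables -I INPUT $n -s $peer -p icmp --icmp-type echo-request -j ACCEPT"; n=$((n+1))
        echo "iptables -I INPUT $n -s $peer -m state --state ESTABLISHED,RELATED -j ACCEPT"; n=$((n+1))
    else
        echo "iptables -I INPUT $n -s $peer -j ACCEPT"; n=$((n+1))
    fi
    echo "iptables -I INPUT $n -s $PRIVATE_NET -j DROP"
}

# Constructed usage with the two addresses from the thread.
echo "# PostgreSQL node: admit the web server on 5432 only"
gen_rules 192.168.151.100 5432
echo "# web node: admit the database server"
gen_rules 192.168.151.200
echo "# then persist on each node: service iptables save"
```

These rules only filter by source address; they do not encrypt the PostgreSQL traffic that crosses the shared private LAN.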
Mika1974
Joined: 21 May 2010
Posts: 11
|
| Posted: Mon Jun 21, 2010 4:47 pm Post subject: |
|
|
| Thanks. I should have known that but appreciate the response; let's assume someone in the future will find this useful. |
|
|
| |