Routing between subnets is always on by default. How to turn it off?

[frostbolt]

Hi,

I have a linux home router, with 3 nic's,
eth0: for internet
eth1: for the first local subnet
eth2: for the second local subnet

It runs nat from the 2 local cards to the internet, with :

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

On slackware i had to add routes between the 2 local subnets manually if i wanted them to access each other.
Like this:
#/sbin/route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.3.1 metric 1
#/sbin/route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.1 metric 1

On ubuntu however this routing is on by default, and i don't want that at the moment. (second subnet is for a different apartment, i don't want them browsing my shares/network printer etc).

How do i turn this off?

[peter]

To turn off routing between subnets add this line to your /etc/sysctl.conf file.

Code:

# net/ipv4/ip_forward = 0

You must restart network for the change to take effect:

Code:

# /etc/rc.d/init.d/network restart

For more details see: http://www.linuxhomenetworking.com/w...Using_iptables

[frostbolt]

Won't that disable routing to my openvpn server? (subnet 192.168.8.0) What i am wondering about is why the kernel routes between the subnets without me adding the routes to the routing table. If i turn off ip_forward, will it disable manually added routes as well?