iptables -A FORWARD -p TCP -i ${INSIDE_IP} --dport 27374 -j LOG
iptables -A FORWARD -p UDP -i ${INSIDE_IP} --dport 27374 -j LOG
iptables -A FORWARD -p TCP -i ${INSIDE_IP} --dport 27374 -j DROP
iptables -A FORWARD -p UDP -i ${INSIDE_IP} --dport 27374 -j DROP

There are better solutions for sure, but this one is simple and writes a log of every attempt to /var/log/syslog before dropping it.

However, I think you can't use IP addresses with -i. Use names (eth0, eth1) instead.

Pascal

On Mon, 19 Aug 2002 12:43:59 +1000, you wrote:

> Hi List,
>
> Just wondering if I can get confirmation on an iptables rule, I'm trying
> to drop all packets coming from my network that are destined for port
> 27374 on an outside network. This is what I have:
>
> iptables -A FORWARD -p TCP -i ${INSIDE_IP} --dport 27374 -j DROP
> iptables -A FORWARD -p UDP -i ${INSIDE_IP} --dport 27374 -j DROP
>
> This shows up when I do 'iptables -L' as I think it should, I'm just not
> sure if it's working correctly (trying to test it at the moment).
>
> Regards,
>
> Lucas
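The point about `-i` raised in the reply above, as an added example that is not part of the original thread: the script prints log-then-drop FORWARD rules for a port, matching with `-i` when given an interface name and with `-s` when given an IPv4 address or CIDR. The function names, the log prefix, `eth1` and `192.168.1.0/24` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print log-then-drop FORWARD rules for one destination port.
# The selector is matched with -i when it is an interface name and with -s
# when it is an IPv4 address or CIDR, since -i only accepts interface names.

# is_ipv4_selector VALUE: succeed if VALUE looks like a.b.c.d or a.b.c.d/nn
is_ipv4_selector() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# block_port_rules SELECTOR PORT: print the iptables commands, do not run them
block_port_rules() {
    selector=$1
    port=$2
    if is_ipv4_selector "$selector"; then
        match="-s $selector"   # source address or network
    else
        match="-i $selector"   # incoming interface name
    fi
    for proto in tcp udp; do
        # LOG comes first: it is non-terminating, so the packet still
        # reaches the DROP rule that follows it.
        echo "iptables -A FORWARD -p $proto $match --dport $port -j LOG --log-prefix \"fwd-drop-$port: \""
        echo "iptables -A FORWARD -p $proto $match --dport $port -j DROP"
    done
}

# Constructed sample values (hypothetical inside interface and inside network)
block_port_rules eth1 27374
block_port_rules 192.168.1.0/24 27374
```

The output can be reviewed and then run as root; the log prefix makes the dropped attempts easy to find in the kernel log.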