iptables filtering ports under nat

To: debian-firewall@lists.debian.org
Subject: iptables filtering ports under nat
From: "Luis Rondon Paz" <luis@azunet.minaz.cu>
Date: Thu, 16 Oct 2008 15:27:37 -0400 (CDT)
Message-id: <[🔎] 2347.172.16.2.132.1224185257.squirrel@172.16.2.13>

hello everyone i have a question
i have this in my iptables

EXT_IF=eth1

#############
/sbin/iptables -t nat -A POSTROUTING -s 12.16.2.5 -o $EXT_IF -j MASQUERADE


now
how can i DROP ALL TRAFIC FROM IP 12.16.2.5 ??? exept port 80 to one
external ip ?

example

i neeed to drop all traffic
and  i need to allow the traffic to one address only

how can i do that Ç????


/sbin/iptables -t nat -A POSTROUTING -s 12.16.2.5 -d EXTERNALONEHOSTONLY
-o $EXT_IF -j  ACCEPT

/sbin/iptables -t nat -A POSTROUTING -s 12.16.2.5 -d 0.0.0.0/0 -o $EXT_IF
-j  DROP ???


OR SHOULD I NEED TO USE TO FORWARD ??

thanks for reading me .

Reply to:

Follow-Ups:
- Re: iptables filtering ports under nat
  - From: James Shupe <shupej@hermetek.com>
- Re: iptables filtering ports under nat
  - From: James Shupe <shupej@hermetek.com>
- Re: iptables filtering ports under nat
  - From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>

Prev by Date: Re: iptables dport range
Next by Date: Re: iptables filtering ports under nat
Previous by thread: Re: iptables dport range
Next by thread: Re: iptables filtering ports under nat
Index(es):
- Date
- Thread