Re: iptables DROP before PREROUTING

To: debian-user@lists.debian.org
Subject: Re: iptables DROP before PREROUTING
From: Jim Popovitch <jim@k4vqc.com>
Date: Thu, 09 Jan 2020 16:35:17 -0500
Message-id: <[🔎] 0cba77f6ced97acecd38fb6ea0a49a4b3f4c5e84.camel@k4vqc.com>
In-reply-to: <[🔎] a7fb07ed-32ec-45f7-e88b-9904b7b701e1@gmail.com>
References: <[🔎] bd1fbb2e8acfe21972010df27d79c478ad0ee017.camel@k4vqc.com> <[🔎] a7fb07ed-32ec-45f7-e88b-9904b7b701e1@gmail.com>

On Fri, 2020-01-10 at 01:52 +0500, Alexander V. Makartsev wrote:
> 
> The answer to your question, I believe, should look like this:
> "iptables -I FORWARD -s 23.132.208.0/24 -j DROP"

Thanks! That is what I am looking for.

To be clear, I'm doing something much more complex, but the underlying
issue is that blocked IPs (via ipsets and text file lists) were properly
DROPped by INPUT rules but were circumventing via the FORWARD and NAT
rules. 

-Jim P.

Reply to:

References:
- iptables DROP before PREROUTING
  - From: Jim Popovitch <jim@k4vqc.com>
- Re: iptables DROP before PREROUTING
  - From: "Alexander V. Makartsev" <avbetev@gmail.com>

Prev by Date: Re: No sound with Pulseaudio
Next by Date: Re: Re: 64bit ext4 and kernel version compatibility
Previous by thread: Re: iptables DROP before PREROUTING
Next by thread: after installing viber, nowhere to be found?
Index(es):
- Date
- Thread