>> If I try to block an IP completely, with something like:
>>
>> # iptables -A INPUT -p all -s 0/0 -d 192.168.0.3 -j DROP -i br0
>> # iptables -A INPUT -p all -s 192.168.0.3 -s 0/0 -j DROP -i br0
>>
>> 192.168.0.3 is _still_ able to both send and receive. The only thing the
>> rule accomplishes is that it prevents me from connecting to .3 from the
>> bridge, and from .3 to the bridge, on my non-bridged interface on the
>> machine.
>
> Try reading the iptables man pages.

What he means is: use the FORWARD table, and not INPUT or OUTPUT.

Regards,
Stephan

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
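
The behaviour discussed in this thread, as an added example that is not part of the original messages: a simplified Python model of which filter chain a packet on the bridge traverses, showing why rules in INPUT leave traffic between 192.168.0.3 and other bridged hosts untouched while the same matches in FORWARD drop it. Assumptions: the bridge host's own address (192.168.0.1) and the second host (192.168.0.7) are constructed, the default policy is ACCEPT, the second posted rule is modelled as source 192.168.0.3 with any destination, and bridged frames are passed to iptables at all (bridge-netfilter support is present).

```python
"""Simplified model: which iptables filter chain sees a packet on a Linux bridge."""
from ipaddress import ip_address, ip_network

# Assumption (constructed, not from the thread): the bridge host's own address on br0.
BRIDGE_HOST_ADDRS = {ip_address("192.168.0.1")}

def chain_for(src, dst):
    """Return the filter chain a packet traverses, seen from the bridge host."""
    if ip_address(dst) in BRIDGE_HOST_ADDRS:
        return "INPUT"    # addressed to the bridge host itself
    if ip_address(src) in BRIDGE_HOST_ADDRS:
        return "OUTPUT"   # generated by the bridge host itself
    return "FORWARD"      # passed through the bridge between two other machines

def verdict(rules, src, dst):
    """First-match evaluation of (chain, src_net, dst_net, target) rules."""
    chain = chain_for(src, dst)
    s, d = ip_address(src), ip_address(dst)
    for r_chain, r_src, r_dst, target in rules:
        if r_chain == chain and s in ip_network(r_src) and d in ip_network(r_dst):
            return chain, target
    return chain, "ACCEPT"  # assumed default policy

def block_host(chain, host):
    """Rules dropping everything to and from `host` in the given chain."""
    return [(chain, "0.0.0.0/0", host + "/32", "DROP"),
            (chain, host + "/32", "0.0.0.0/0", "DROP")]

INPUT_RULES = block_host("INPUT", "192.168.0.3")      # what the question tried
FORWARD_RULES = block_host("FORWARD", "192.168.0.3")  # what the reply suggests

if __name__ == "__main__":
    # Constructed sample flows: (source, destination)
    flows = [("192.168.0.7", "192.168.0.3"),   # other host -> .3, via the bridge
             ("192.168.0.3", "192.168.0.7"),   # .3 -> other host, via the bridge
             ("192.168.0.3", "192.168.0.1")]   # .3 -> the bridge host itself
    for name, rules in (("INPUT rules", INPUT_RULES), ("FORWARD rules", FORWARD_RULES)):
        for src, dst in flows:
            chain, target = verdict(rules, src, dst)
            print(f"{name:13} {src} -> {dst}: chain={chain} verdict={target}")
```

In this model the FORWARD rules alone still accept traffic from 192.168.0.3 to the bridge host itself, so blocking the address completely needs the matches in both INPUT and FORWARD.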
