iptables -A FORWARD -p TCP -i ${INSIDE_IP} --dport 27374 -j LOG
iptables -A FORWARD -p UDP -i ${INSIDE_IP} --dport 27374 -j LOG
iptables -A FORWARD -p TCP -i ${INSIDE_IP} --dport 27374 -j DROP
iptables -A FORWARD -p UDP -i ${INSIDE_IP} --dport 27374 -j DROP
There are better solutions for sure, but this one is simple and writes a log of
every attempt to /var/log/syslog before dropping it.
However, I think you can't use IP addresses with -i. Use names (eth0, eth1)
instead.
Pascal
On Mon, 19 Aug 2002 12:43:59 +1000, you wrote:
> Hi List,
>
> Just wondering if I can get confirmation on an iptables rule, I'm trying
> to drop all packets coming from my network that are destined for port
> 27374 on an outside network. This is what I have:
>
> iptables -A FORWARD -p TCP -i ${INSIDE_IP} --dport 27374 -j DROP
> iptables -A FORWARD -p UDP -i ${INSIDE_IP} --dport 27374 -j DROP
>
> This shows up when I do 'iptables -L' as I think it should, I'm just not
> sure if it's working correctly (trying to test it at the moment).
>
> Regards,
>
> Lucas
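Added example, not part of the original messages: a small shell script that prints the log-then-drop rules from the reply with `-i` given an interface name, and refuses an IP address in that position. The interface `eth1`, the subnet `192.168.1.0/24`, the log prefix, the rate limit and the function names are assumed sample values.

```shell
#!/bin/sh
# Added example, not from the thread. Prints (does not apply) FORWARD rules
# that log, then drop, inside-originated traffic to one destination port.

# Succeeds if $1 looks like an interface name (eth0, eth0.100, eth+);
# fails for an empty value, an IP address or a CIDR block.
is_iface_name() {
    case "$1" in
        "" | *[!A-Za-z0-9_.+-]*) return 1 ;;      # empty, or '/' ':' etc.
        [0-9]*.[0-9]*.[0-9]*.[0-9]*) return 1 ;;  # dotted quad
    esac
    return 0
}

# emit_rules IFACE SRC_NET PORT
emit_rules() {
    iface=$1 src_net=$2 port=$3
    if ! is_iface_name "$iface"; then
        echo "error: -i takes an interface name, got '$iface'" >&2
        return 1
    fi
    for proto in tcp udp; do
        match="-A FORWARD -i $iface -s $src_net -p $proto --dport $port"
        # LOG is a non-terminating target, so the packet goes on to DROP.
        # The rate limit is an added assumption to keep a noisy host from
        # flooding syslog; remove "-m limit ..." to log every attempt.
        echo "iptables $match -m limit --limit 5/minute -j LOG --log-prefix \"FWD-DROP-$port: \""
        echo "iptables $match -j DROP"
    done
}

# Constructed sample values: inside interface eth1, inside subnet 192.168.1.0/24.
emit_rules eth1 192.168.1.0/24 27374

# Once the printed rules are loaded as root, "iptables -L FORWARD -v -n"
# shows per-rule packet counters; a rising count on the DROP rules
# confirms that test traffic is being matched.
```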

