Okay, I have an iptables firewall configured with a DMZ. I allow some traffic on specified ports using PREROUTING and back out using POSTROUTING. Works great. But, it allows all connections through to the DMZ'd machine on the ports in question. For example, a DMZ'd webserver on port is hit by a DoS attack or is being attacked by a NIMDA-affected server.
Is there any way I can place conditions on which connections get routed to the DMZ-based machines so as to block the would-be attacks? TIA, Charles