Does this work? adding DROP to iptables on the virtual host's iptables, before the phys bridge....will it prevent those ips from getting to the bridged part of iptables? Or would a different syntax be used? -A INPUT -s 66.77.65.128/26 -j DROP -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
iptables drop on virtual host
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS@xxxxxxxxxx
- Subject: iptables drop on virtual host
- From: Bob Hoffman <bob@xxxxxxxxxxxxxx>
- Date: Fri, 27 Apr 2012 09:36:41 -0400
- Delivered-to: CentOS@xxxxxxxxxx
- User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20120327 Thunderbird/11.0.1
- Follow-Ups:
- Re: iptables drop on virtual host
- From: Bob Hoffman
- Re: iptables drop on virtual host
- Prev by Date: Re: yum yum or not?
- Next by Date: Re: yum yum or not?
- Previous by thread: fail2ban logrotate failure
- Next by thread: Re: iptables drop on virtual host
- Index(es):
 |