RE: silly question, how to block all outgoing traffic?


 



Please refer to the iptables tutorials to get a better idea of the chains and how a packet traverses them.

INPUT and OUTPUT are only used by the firewall and not for forwarding packets. So in other words, if C1 or C2 sends a packet through G1 or G2, both G1 and G2 packets will not pass through those 2 chains.

What you want is FORWARD.

i.e. (rule below drops everything C1 is trying to get out via eth1):
--G1--
iptables -A FORWARD -i eth0 -o eth1 -s 137.112.220.166 -j DROP


Thanks,
____________________________________________
George Vieira
Systems Manager
georgev@xxxxxxxxxxxxxxxxxxxxxx

Citadel Computer Systems Pty Ltd
http://www.citadelcomputer.com.au


-----Original Message-----
From: calvin [mailto:calvinproject@xxxxxxxxxxx]
Sent: Thursday, June 05, 2003 6:28 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: silly question, how to block all outgoing traffic?



case2:   iptables -A output -s 137.112.220.165 -j DROP

case3:   iptables -A input -i 137.112.220.165 -s 137.112.220.165 -j DROP

case4: iptables -A output -s ! 137.112.220.165 -j ACCEPT
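
The chain selection described in the reply, as an added example that is not part of the original thread: a simplified Python model of which filter chain a packet hits on gateway G1, showing why a DROP in OUTPUT never matches C1's forwarded traffic while the FORWARD rule does. The gateway address and destination are constructed, and the `Packet`, `Rule`, `chain_for` and `verdict` names are hypothetical.

```python
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

# Constructed addresses: the thread gives only C1's address, not the gateway's.
G1_LOCAL = {ip_address("192.0.2.1")}
C1 = "137.112.220.166"

@dataclass
class Packet:
    src: str
    dst: str
    in_if: Optional[str]    # None = generated by the gateway itself
    out_if: Optional[str]   # None = delivered to the gateway itself

@dataclass
class Rule:
    chain: str
    target: str
    src: Optional[str] = None
    in_if: Optional[str] = None
    out_if: Optional[str] = None

def chain_for(pkt):
    """Return the filter-table chain this packet traverses on the gateway."""
    if pkt.in_if is None:
        return "OUTPUT"     # locally generated
    if ip_address(pkt.dst) in G1_LOCAL:
        return "INPUT"      # addressed to the gateway
    return "FORWARD"        # routed through the gateway

def verdict(pkt, rules, policy="ACCEPT"):
    """First matching rule in the packet's chain wins, else the chain policy."""
    chain = chain_for(pkt)
    for rule in rules:
        if rule.chain != chain:
            continue
        fields = ("src", "in_if", "out_if")
        if all(getattr(rule, f) in (None, getattr(pkt, f)) for f in fields):
            return rule.target
    return policy

# C1 sending out through G1 (constructed destination).
FORWARDED = Packet(C1, "198.51.100.7", "eth0", "eth1")
# Source-match DROP placed in OUTPUT, the approach tried in the question.
OUTPUT_RULE = Rule("OUTPUT", "DROP", src=C1)
# The rule from the reply.
FORWARD_RULE = Rule("FORWARD", "DROP", src=C1, in_if="eth0", out_if="eth1")
```

The same model shows that the FORWARD rule does not stop C1 from reaching the gateway itself; that traffic goes through INPUT.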



