Am Mon, 2003-10-13 um 11.44 schrieb Ted Kaczmarek: > I presently exclude 1 ip block in POSTROUTING using > "! X.X.X.X/24" . Is their a way to specify multiple ranges that are > excluded? Only if you can combine them in one network, like: 10.0.0.0/8 and 11.0.0.0/8 can be written as 10.0.0.0/7 > or > Is their a way to have POSTROUTING only have affect on a certain > interface? You can use -o eth0 to specify the interface in you rules. Cheers, Ralf -- Ralf Spenneberg RHCE, RHCX Book: Intrusion Detection für Linux Server http://www.spenneberg.com IPsec-Howto http://www.ipsec-howto.org Honeynet Project Mirror: http://honeynet.spenneberg.org
