OK, I saw the problem. The default for FORWARD chain is another chain
called block and its rules don't block this traffic.

Thanks for your interest.

Oscar

Antony Stone wrote:
> On Thursday 22 April 2004 2:53 pm, Oscar Arranz wrote:
>
> > I have a Red Hat box running as a firewall in my network. It's working fine, but now I'm doing tests in order to block certain Internet traffic. I've added the following rules which should drop packets from my PC to a known public IP (a web server):
> >
> > iptables -A FORWARD -s 192.138.35.110 -d 193.110.128.200 -j DROP
> >
> > But the packets are not dropped because I still can connect to the web server. The default rule for FORWARD chain is DROP.
> >
> > Any ideas?
>
> You say you have added the above rule. But, what have you added it *to*? In other words, what other rules do you also have running on the machine? That information would help us greatly in answering your question.
>
> Regards,
>
> Antony
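The rule-ordering effect discussed in this thread, as an added example that is not part of the original messages: a small first-match evaluator showing why a DROP rule appended with `-A` after a jump to `block` is never reached, while the same rule inserted with `-I` is. The contents of the `block` chain, the `eth1` interface name and the helper names are assumptions constructed for illustration.

```python
import ipaddress

# Constructed ruleset: the contents of "block" and the eth1 interface are assumptions.
BASE = """\
-P FORWARD DROP
-N block
-A block -m state --state ESTABLISHED,RELATED -j ACCEPT
-A block -i eth1 -j ACCEPT
-A block -j DROP
-A FORWARD -j block
"""
NEW_RULE = "FORWARD -s 192.138.35.110 -d 193.110.128.200 -j DROP"

def parse(text):
    """Build {chain: [rule]} and {chain: policy}; chains are created on first use."""
    chains, policy = {}, {}
    for line in text.splitlines():
        tok = line.split()
        if tok[0] == "-P":
            policy[tok[1]] = tok[2]
        elif tok[0] in ("-A", "-I"):
            rule = dict(zip(tok[2::2], tok[3::2]))  # every option used here takes one value
            rules = chains.setdefault(tok[1], [])
            # "-I" with no rule number inserts at the head of the chain, "-A" appends at the tail
            rules.insert(0, rule) if tok[0] == "-I" else rules.append(rule)
    return chains, policy

def matches(rule, pkt):
    ip, net = ipaddress.ip_address, ipaddress.ip_network
    return all((
        "-s" not in rule or ip(pkt["src"]) in net(rule["-s"]),
        "-d" not in rule or ip(pkt["dst"]) in net(rule["-d"]),
        "-i" not in rule or rule["-i"] == pkt["in"],
        "--state" not in rule or pkt["state"] in rule["--state"].split(","),
    ))

def verdict(chains, policy, pkt, chain="FORWARD"):
    """First matching terminating rule wins; a user chain with no match returns to its caller."""
    for rule in chains.get(chain, []):
        if not matches(rule, pkt):
            continue
        target = rule["-j"]
        result = target if target in ("ACCEPT", "DROP") else verdict(chains, policy, pkt, target)
        if result:
            return result
    return policy.get(chain)  # None for user chains, the policy for built-in chains

def verdict_for(rule_line):
    pkt = {"src": "192.138.35.110", "dst": "193.110.128.200", "in": "eth1", "state": "NEW"}
    return verdict(*parse(BASE + rule_line + "\n"), pkt)
```

On a live firewall, `iptables -L FORWARD -n -v --line-numbers` shows the same ordering, and the per-rule packet counters show which rule is actually matching.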