On Saturday 01 May 2004 1:43 am, azeem ahmad wrote:

> hi all
> i m having a problem that i m using MASQUERADING on a redhat 8.0 box with
> iptables. the problem is that when i want the users to be disconnected i
> flush iptables; the new connections dont get established but the current
> active connections dont break.

Indeed. Current connections ("ESTABLISHED" in connection tracking terms) are handled in the background, and not by your ruleset (your rules only deal with the first packet of a connection).

> like if a user is downloading msn messenger
> for example and i flush iptables, this user's connection dont break. so
> what i can do to break the active connection

You would have to unload the connection tracking module (if you use modules), or insert a DROP rule into a mangle table in order to specifically cut off the connection/s.

Regards,

Antony.

-- 
Bill Gates has personally assured the Spanish Academy that he will never allow the upside-down question mark to disappear from Microsoft word-processing programs, which must be reassuring for millions of Spanish-speaking people, though just a piddling afterthought as far as he's concerned.

 - Lynne Truss, "Eats, Shoots and Leaves"

Please reply to the list; please don't CC me.
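The mangle-table DROP approach from the reply above, as an added example that is not part of the original post: it reads conntrack entries in the /proc/net/ip_conntrack format, picks out the ESTABLISHED TCP flows opened by one masqueraded client, and prints (does not run) a mangle PREROUTING DROP rule for each. The function names are hypothetical and the sample entries and addresses are constructed.

```shell
#!/bin/sh
# Constructed sample in the /proc/net/ip_conntrack line format (not real traffic).
SAMPLE_CONNTRACK='tcp      6 431999 ESTABLISHED src=192.168.0.15 dst=203.0.113.7 sport=1045 dport=1863 src=203.0.113.7 dst=198.51.100.2 sport=1863 dport=1045 [ASSURED] use=1
tcp      6 117 TIME_WAIT src=192.168.0.15 dst=203.0.113.9 sport=1046 dport=80 src=203.0.113.9 dst=198.51.100.2 sport=80 dport=1046 [ASSURED] use=1
tcp      6 431990 ESTABLISHED src=192.168.0.22 dst=203.0.113.7 sport=1101 dport=1863 src=203.0.113.7 dst=198.51.100.2 sport=1863 dport=1101 [ASSURED] use=1
udp      17 25 src=192.168.0.15 dst=192.0.2.53 sport=1027 dport=53 src=192.0.2.53 dst=198.51.100.2 sport=53 dport=1027 use=1'

# established_for CLIENT_IP
# Reads conntrack lines on stdin and prints "dst dport" for every ESTABLISHED
# TCP flow whose original direction starts at CLIENT_IP. Each entry lists the
# original tuple first and the reply tuple second, so only the first
# src=/dst=/dport= on the line is taken.
established_for() {
    awk -v ip="$1" '
        $1 == "tcp" && $4 == "ESTABLISHED" {
            src = dst = dport = ""
            for (i = 5; i <= NF; i++) {
                split($i, kv, "=")
                if (kv[1] == "src" && src == "") src = kv[2]
                else if (kv[1] == "dst" && dst == "") dst = kv[2]
                else if (kv[1] == "dport" && dport == "") dport = kv[2]
            }
            if (src == ip) print dst, dport
        }'
}

# cut_rules CLIENT_IP
# Dry run: prints one DROP rule per tracked flow. mangle PREROUTING is
# traversed by every packet, including those of ESTABLISHED connections,
# and sees the client's packets before MASQUERADE rewrites the source.
cut_rules() {
    client=$1
    established_for "$client" | while read -r dst dport; do
        echo "iptables -t mangle -I PREROUTING -p tcp -s $client -d $dst --dport $dport -j DROP"
    done
}

# Demo on the constructed sample; on the gateway, feed /proc/net/ip_conntrack
# instead and review the printed rules before running them as root.
printf '%s\n' "$SAMPLE_CONNTRACK" | cut_rules 192.168.0.15
```

Dropping the client's side of the flow stalls the transfer rather than resetting it; the conntrack entry then ages out on its own timeout.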