Re: dropping in forward/postrouting

Hi Askar,

This is a filtering rule, and so, in my opinion, this should be in the
filter table, i.e. FORWARD.

Regards,
Richard.

Richard Oatridge
Head of IT, Start-global Ltd
http://www.start-global.com
tel :  +44 1564 779297
email : richardo@xxxxxxxxxxxxxxxx


Askar Ali Khan <askarali@xxxxxxxxx>
Sent by: netfilter-admin@xxxxxxxxxfilter.org
29/07/2004 11:19

To:      netfilter <netfilter@xxxxxxxxxxxxxxxxxxx>
cc:
Subject: dropping in forward/postrouting




Hi all

I'm afraid I am again with a very simple/stupid question :), even
though things are not clear to me yet.

I'm dropping/blocking certain sites, mainly gator sites, on my
router/firewall to LAN users, using Slackware kernel 2.4.26.

I'm doing this with the below rule

  $iptables -t nat -A POSTROUTING -s 0/0 -d 212.4.208.105 -j DROP

This is working fine, however I'm kind of confused whether this is the
proper table/chain for accomplishing this, or may I do it with the FORWARD
chain like ...

  $iptables -A FORWARD -s 0/0 -d 212.4.208.105 -p tcp -j DROP

Which approach is recommended?
1) nat/POSTROUTING
OR
2) FORWARD

Thanks in advance

Regards
Askar
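
An added example, not part of either poster's message: a small Python check that scans iptables-save output for DROP or REJECT rules sitting in the nat table, such as the POSTROUTING rule above, and lists the filter-table rules that would replace them. The sample ruleset is constructed, and the nat-to-filter chain mapping is this example's assumption about which traffic each rule was meant to cover.

```python
import shlex

# Constructed sample in iptables-save format (not output from the poster's router).
# 212.4.208.105 is the address from the thread; 192.0.2.10 is a documentation address.
SAMPLE_RULESET = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -d 212.4.208.105/32 -j DROP
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -d 192.0.2.10/32 -p tcp -j DROP
COMMIT
"""

# Assumption: filter-table chains that see the same traffic as each nat chain.
FILTER_CHAINS = {
    "PREROUTING": ["INPUT", "FORWARD"],
    "POSTROUTING": ["FORWARD", "OUTPUT"],
    "OUTPUT": ["OUTPUT"],
}
FILTER_TARGETS = {"DROP", "REJECT"}


def find_nat_filtering(ruleset):
    """Return (nat_rule, [filter-table replacements]) for each DROP/REJECT in *nat."""
    findings, table = [], None
    for line in ruleset.splitlines():
        line = line.strip()
        if line.startswith("*"):          # table header, e.g. "*nat"
            table = line[1:]
        elif line == "COMMIT":            # end of the current table
            table = None
        elif table == "nat" and line.startswith("-A "):
            args = shlex.split(line)      # handles quoted --comment strings
            jumps = [args[i + 1] for i, a in enumerate(args[:-1]) if a in ("-j", "--jump")]
            if jumps and jumps[0] in FILTER_TARGETS:
                match = " ".join(shlex.quote(a) for a in args[2:])
                fixes = [f"-A {c} {match}" for c in FILTER_CHAINS.get(args[1], [])]
                findings.append((line, fixes))
    return findings


if __name__ == "__main__":
    for rule, fixes in find_nat_filtering(SAMPLE_RULESET):
        print("filtering in nat table:", rule)
        for fix in fixes:
            print("  filter table equivalent:", fix)
```

For a router that only blocks sites for LAN users, as in the question, the FORWARD suggestion is the relevant one; a rule in a user-defined nat chain is flagged with no suggested replacement.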






