Re: DROP before PREROUTING


 



On Wednesday, May 3, Bruno Nunes typed the following:

Hi!

>   I have this rule which forwards all incoming requests for ipA to a
> local machine as you can see.
>    iptables -t nat -A PREROUTING -d <ipA> -i eth0 -p tcp --dport 80
> -j DNAT --to 192.168.1.4

>  Is there any way to allow only a range of machines to use this
> specific rule (not interfering with the other rules)? dropping all
> requests that are not welcome.

Just add "-s source" to the line and you'll be able to match a source
host/net.

e.g.
iptables -t nat -A PREROUTING -s 1.2.3.4 -d 2.3.4.5 -i eth0 -p tcp \
 --dport 80 -j DNAT --to 3.4.5.6

Ciao
Max
-- 
|           |                 Follow the white penguin.
|  |\/|  |  |-----------------------------------------------------------.
|  |  |/\|  |  Rechnerbetrieb Mathematik  |   My work areas:     TSM    |
|           |  Universitaet Paderborn     |   Hostmaster, Linux, LDAP   | 
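
The approach from the reply above, as an added example that is not part of the original message: a shell function that prints (does not run) one source-restricted DNAT rule per allowed network, followed by a filter rule that drops the remaining requests, because packets that miss the DNAT rule are not dropped by it and stay addressed to the gateway. It assumes `<ipA>` is configured on the gateway itself; the function name and all addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example: prints iptables commands, it does not execute them.
# Assumption: the public address is configured on the gateway itself, so
# packets that are NOT rewritten by DNAT end up in the filter INPUT chain.

# gen_restricted_dnat DST IFACE PORT TARGET SRC [SRC...]   (hypothetical helper)
gen_restricted_dnat() {
    [ "$#" -ge 5 ] || { echo "usage: gen_restricted_dnat DST IFACE PORT TARGET SRC..." >&2; return 2; }
    dst=$1 ifc=$2 port=$3 target=$4
    shift 4

    # Validate every source first so nothing is emitted for a bad list.
    # Only digits, dots and a prefix slash are accepted, which also keeps
    # stray options or shell syntax out of the generated commands.
    for src in "$@"; do
        case $src in
            ''|*[!0-9./]*)
                echo "rejecting source '$src'" >&2
                return 1 ;;
        esac
    done

    # One DNAT rule per allowed source, as in the reply's "-s" suggestion.
    for src in "$@"; do
        echo "iptables -t nat -A PREROUTING -s $src -d $dst -i $ifc -p tcp --dport $port -j DNAT --to $target"
    done

    # Allowed sources were rewritten to $target and now traverse FORWARD.
    # Everything else still carries the original destination, so this rule
    # only sees the unwelcome requests. -A appends: an earlier ACCEPT in
    # INPUT for the same port would match first.
    echo "iptables -A INPUT -d $dst -i $ifc -p tcp --dport $port -j DROP"
}

# Constructed sample values (documentation address ranges)
gen_restricted_dnat 203.0.113.10 eth0 80 192.168.1.4 198.51.100.0/24 192.0.2.7
```

Review the printed rules before applying them; the drop is done in the filter table because the nat table is meant for address rewriting, not filtering.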


