Hi,

this may be a simple question. I have a Xen domain which is acting as a server. For some experiments I want every attempt to connect to a service on this server to be blocked, but none of the existing connections to be affected. The IP of the server is 192.168.1.4 and the interface on dom0 is vif1.0. Dom0 acts as an ARP proxy. Would 'iptables -A FORWARD -d 192.168.1.4 -o vif1.0 -p tcp --syn -j DROP' be enough? It's crucial for me, so I have to be sure that the syntax is correct.

Thanks,
Julian
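
Added example, not part of the original post: a Python model of which TCP segments the `--syn` match in the rule above selects, using iptables' documented definition of `--syn` as shorthand for `--tcp-flags SYN,RST,ACK,FIN SYN`. The packets, ports and helper names are constructed for illustration, and every sample is assumed to be travelling toward the server, as `-d 192.168.1.4` requires.

```python
import struct

# TCP flag bits as they appear in byte 13 of the TCP header.
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10

# iptables documents --syn as "--tcp-flags SYN,RST,ACK,FIN SYN":
# examine these four bits, match only when SYN alone is set among them.
SYN_MASK = SYN | RST | ACK | FIN
SYN_COMP = SYN


def tcp_header(sport, dport, seq, ack, flags):
    """Build a minimal 20-byte TCP header (constructed sample data)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       5 << 4, flags, 65535, 0, 0)


def matches_syn(header):
    """Return True if '-p tcp --syn' would match this TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    return (header[13] & SYN_MASK) == SYN_COMP


# Constructed segments, all destined to the server.
SAMPLES = [
    ("new connection SYN", tcp_header(40000, 80, 1000, 0, SYN)),
    ("established data PSH|ACK", tcp_header(40001, 80, 5000, 900, PSH | ACK)),
    ("established bare ACK", tcp_header(40001, 80, 5010, 950, ACK)),
    ("established close FIN|ACK", tcp_header(40001, 80, 5010, 951, FIN | ACK)),
    ("established abort RST", tcp_header(40001, 80, 5011, 0, RST)),
    # Reply to a connection the server itself opened outbound.
    ("reply SYN|ACK", tcp_header(443, 51000, 7000, 301, SYN | ACK)),
]


def verdicts():
    """Map each sample name to what the DROP rule would do with it."""
    return {name: "DROP" if matches_syn(hdr) else "not matched"
            for name, hdr in SAMPLES}


if __name__ == "__main__":
    for name, verdict in verdicts().items():
        print(f"{name:28} {verdict}")
```

In this model only the initial SYN of a new inbound connection hits the DROP target; segments belonging to established connections, and the SYN|ACK answering a connection the server opened, fall through to the remaining FORWARD rules and the chain policy.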