> Hi All > I have following line to drop any request that is not from the > original computer and it works fine > -A PREROUTING -s 192.168.0.157 -p tcp -m mac --mac-source ! > 00:11:2F:29:96:84 -j DROP > > but now I want to change it to REJECT but it doesnt work and iptables > will fail > > -A PREROUTING -s 192.168.0.157 -p tcp -m mac --mac-source ! > 00:11:2F:29:96:84 -j REJECT --reject-with=icmp-host-pro hibited > > what is the problem? # man iptables REJECT [...] This target is only valid in the INPUT, FORWARD and OUTPUT chains, and user-defined chains which are only called from those chains. [...] The PREROUTING chain doesn't fit into this category thus REJECT cannot be used. Grts, Rob
