Thank you Michal. Em 27 de janeiro de 2012 06:08, Michal Kubeček <mkubecek@xxxxxxx> escreveu: > On Thursday 26 of January 2012 18:12EN, Usuário do Sistema wrote: >> /sbin/iptables -t mangle -I PREROUTING -s 10.10.10.10 -d ! >> 192.100.100.8 10.254.253.1 172.16.0.1 -j MARK --set-mark 5 > ... >> I need add some "-d ! x y z ..." > > You can do > > iptables -t mangle -N mark5 > for a in 192.100.100.8 10.254.253.1 172.16.0.1; do > iptables -t mangle -A mark5 -d $a -j RETURN > done > iptables -t mangle -A mark5 -j MARK --set-mark 5 > iptables -t mangle -I PREROUTING -s 10.10.10.10 -j mark5 > > Or maybe it will suffice to first mark all packets from 10.10.10.10 with > mark 5 and then remark packets with those three destinations back to 0 > (or anything else). > > Michal Kubeček > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
