My PC has two network interfaces (eth0 & usb0) that are bridged. There is a service on my PC that broadcasts UDP packets on a specific port (7000). I would like to prevent these UDP packets from leaving my PC via the eth0 interface, only allowing packets to exit via the usb0 interface.

I tried to do this by adding an iptables rule to the filter table's OUTPUT chain (see below).

    iptables -F
    iptables -A OUTPUT -p udp --dport 7000 -m physdev --physdev-out eth0 -j DROP

Doing the above results in an error:

*xt_physdev: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore.*

So I tried the following:

    iptables -F
    iptables -A OUTPUT -p udp --dport 7000 -m physdev --physdev-out eth0 --physdev-is-bridged -j DROP

The above doesn't fail, but also doesn't suppress the packets.

Any suggestions? Am I way off in thinking that iptables can do this? Do I need to use ebtables instead?

Thanks in advance,
Dan