iptables question
Nicholas Leippe
nick at leippe.com
Mon Nov 3 12:43:49 MST 2008
On Monday 03 November 2008 11:35:13 am Mike Lovell wrote:
> iptables -A FORWARD -s 192.168.1.2 -d 212.211.132.32 -j ACCEPT
> <repeated a few times of ip addresses to white list>
> iptables -A FORWARD -s 192.168.1.2 -d 0.0.0.0/0 -j DROP
Try:
iptables -A FORWARD -s 192.168.1.2 -j DROP
(w/o the -d 0.0.0.0/0)
Or, for an even better setup, just change the default policy on the FORWARD
chain itself:
iptables -P FORWARD DROP
(you'll need to explicitly set up all your allowed connections first)
Nick
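
The default-policy setup suggested above, as an added example that is not part of the original message: a shell function that prints an `iptables-restore` ruleset with FORWARD defaulting to DROP and the whitelist accepted explicitly. The function name `gen_forward_rules`, the second destination address, the conntrack rule for return traffic, and the INPUT/OUTPUT policies are assumptions made for the example.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset for a default-deny
# FORWARD chain. Addresses in the usage line are constructed samples.

# gen_forward_rules SRC DEST...
# Prints a filter-table ruleset on stdout; returns 1 on bad input.
gen_forward_rules() {
    [ "$#" -ge 2 ] || { echo "usage: gen_forward_rules SRC DEST..." >&2; return 1; }
    for addr in "$@"; do
        # Allow only digits, dots and an optional /prefix in an address.
        case $addr in
            ''|*[!0-9./]*) echo "bad address: $addr" >&2; return 1 ;;
        esac
    done
    src=$1; shift
    echo '*filter'
    # Assumption: INPUT and OUTPUT stay ACCEPT; set them to match your host.
    echo ':INPUT ACCEPT [0:0]'
    # Default policy: any forwarded packet not accepted below is dropped.
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # With a DROP policy, replies to allowed connections need their own rule.
    echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for dst in "$@"; do
        echo "-A FORWARD -s $src -d $dst -j ACCEPT"
    done
    echo 'COMMIT'
}

# Usage (as root; loading replaces the current filter table in one step):
#   gen_forward_rules 192.168.1.2 212.211.132.32 198.51.100.7 | iptables-restore
```

Because `iptables-restore` applies the whole table at once, the ACCEPT rules and the DROP policy take effect together, so there is no window where the policy is DROP but the allowed connections are not yet in place.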