iptables question

Corey Edwards tensai at zmonkey.org
Mon Nov 3 16:22:19 MST 2008

On Mon, 2008-11-03 at 13:43 -0600, Nicholas Leippe wrote:
> On Monday 03 November 2008 11:35:13 am Mike Lovell wrote:
> > iptables -A FORWARD -s -d -j ACCEPT
> > <repeated a few times of ip addresses to white list>
> > iptables -A FORWARD -s -d -j DROP
> Try:
> iptables -A FORWARD -s -j DROP
> (w/o the -d

I believe Nick is right. I would just add that on the LAN side of
things, I would REJECT rather than DROP. That'll save your host the
hassle of waiting for a timeout.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20081103/bf908c03/attachment.bin 

More information about the PLUG mailing list