28 Apr
2004
28 Apr
'04
05:13
On Wednesday 28 April 2004 06.52, Christian Lange wrote:
Hello Andreas,
Well, now I did and an IPTABLES -A OUTPUT -j REJECT -d www.x.de in fw_custom_before_antispoofing()
you will need a rules like this:
iptables -A FORWARD -s IP_OF_NAT_BOX_1 -d IP_OF_DESTINATION -j DROP/REJECT iptables -A FORWARD -s IP_OF_NAT_BOX_2 -d IP_OF_DESTINATION -j DROP/REJECT
Really? I didn't think NATed packets passed through the FORWARD table. I thought that was for unmodified packets only. iptables -t nat -I PREROUTING -d DEST_IP -j DROP would have been my guess