[TriLUG] Need Help with Iptables
James Manning
jmm at computer.org
Thu Aug 23 01:34:28 EDT 2001
[mark]
> iptables -t nat -A PREROUTING -s 192.168.2.33 -p tcp -d 0/0 -j DROP
> iptables -t nat -A PREROUTING -s 192.168.2.33 -p udp -d 0/0 -j DROP
I would think the filter table makes more sense than the nat table.
Assuming this is a router-type box, the forward or output chain would
seem to make the most sense... also, you can just drop the -p and -d
params and consolidate to one rule. There's no need to do tcp and udp
in sep. rules.
at least, afaik
--
James Manning <jmm at computer.org>
GPG Key fingerprint = B913 2FBD 14A9 CE18 B2B7 9C8E A0BF B026 EEBB F6E4
More information about the TriLUG
mailing list