[plug] dropping a ip address
Cameron Patrick
cameron at patrick.wattle.id.au
Sat Sep 20 20:03:21 WST 2003
On Sat, Sep 20, 2003 at 08:04:18PM +0800, Jon Miller wrote:
| Using iptables I would like to drop packets from a ip address.
| If I'm correct the following should work.... correct?
| $IPT -A INPUT -p tcp -d 192.168.3.1 -s 61.139.60.84 -j DROP
| Am I missing something here.
Looks okay except for the destination 192.168.3.1 - that's an internal
network address and so any packets from 61.139.60.84 (which is a real
live internet address) will be bound for the machine's internet address
(e.g. 130.95.123.456) unless you're using DNAT or something quirky like
that somewhere else. You can probably leave out the -d entirely as the
INPUT chain only applies to packets destined for the local machine.
HTH,
CP.
_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
More information about the plug
mailing list