Re: Re: - Sebastian Seemann

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: "Sebastian Seemann" <MisterSeaman@gmx.de>
To: netfilter@vger.kernel.org
Subject: Re: Re:
Date: Tue, 07 Oct 2008 11:26:12 +0200	[thread overview]
Message-ID: <20081007092612.44400@gmx.net> (raw)
In-Reply-To: <20081005084518.61060@gmx.net>

  -------- Original-Nachricht -------- > Datum: Sun, 05 Oct 2008 10:45:18 +0200 > Von: "Sebastian Seemann" <MisterSeaman@gmx.de> > An: netfilter@vger.kernel.org > Betreff: Re: Re:  > > On Sun, 05 Oct 2008 00:14:30 -0500, Grant Taylor
> > >I would be tempted to re-write your rule like this
> > >
> > >    iptables -A INPUT ! -m geoip --src-cc [country] -j ACCEPT
> 
> > >The difference being that you are moving the negative logic out of an 
> > >unpredictable failure situation (GeoIP not knowing where the IP is
> from) 
> > >to a controlled situation (IPTables inverting the result of a match 
> > >extension).
> Ah, I see. So simple but so great. Thank you.
In fact, sadly this doesn't seem to work in general. iptables reports 
"unexpected ! flag before match". This was with iptables 1.4.0. Any 
other ideas?

Regards,
Sebastian

-- 
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! 
Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer

-- 
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http://www.shortview.de/wasistshortview.php?mc=sv_ext_mf@gmx

next prev parent reply	other threads:[~2008-10-07  9:26 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <S1752389AbYJDKwq/20081004105246Z+121@vger.kernel.org>
2008-10-04 11:20 ` (unknown) Sebastian Seemann
2008-10-05  5:14   ` Grant Taylor
2008-10-05  5:53     ` Re: Grant Coady
2008-10-05  8:45       ` Re: Sebastian Seemann
2008-10-07  9:26         ` Sebastian Seemann [this message]
2015-10-24  5:02 JO Bower
  -- strict thread matches above, loose matches on Subject: below --
2011-08-23  8:26 How to make bi-directional NAT'ting? "Яцко Эллад Геннадьевич (ngs)"
2011-08-23 10:50 ` Tyler J. Wagner
     [not found]   ` <4E538A10.3030508@runoguy.ru>
2011-08-23 11:35     ` Tyler J. Wagner
2011-08-24  7:35       ` Re: Jan Engelhardt
2011-08-24  8:19         ` Re: Tyler J. Wagner
2008-03-07  8:06 (unknown) Alberto Díez
2008-03-07  9:43 ` Rob Sterenborg
2008-01-03 21:57 (unknown), Joe Ruddy
2008-01-03 22:22 ` Martijn Lievaart

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20081007092612.44400@gmx.net \
    --to=misterseaman@gmx.de \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox