From: Claus Regelmann <claus.regelmann@inka.de>
To: netfilter@lists.netfilter.org, blueflux@koffein.net
Subject: Filter in POSTROUTING
Date: Thu, 11 Sep 2003 23:03:06 +0200 [thread overview]
Message-ID: <3F60E30A.F61FD84F@inka.de> (raw)
Hello,
There is a figure Oskar Andreassoons IPTABLES TUTORIAL (V1.1.19, chap.
3.1, pg.19)
where both, the forwarded and the local output, join the postrouting
chain.
Why shoudnt it be possible to filter all outgoing e.g. smb traffic from
a local
network at that place with a command like
>iptables -t nat -A POSTROUTING -o ppp0 -p tcp --dport 137:139 -j DROP
>iptables -t nat -A POSTROUTING -o ppp0 -p udp --dport 137:139 -j DROP
\x1a
The same question applies to the PREROUTING chain for input
>iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 137:139 -j DROP
>iptables -t nat -A PREROUTING -i ppp0 -p udp --dport 137:139 -j DROP
Thanks
Claus
next reply other threads:[~2003-09-11 21:03 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-11 21:03 Claus Regelmann [this message]
-- strict thread matches above, loose matches on Subject: below --
2003-09-11 21:40 Filter in POSTROUTING Daniel Chemko
2003-09-11 22:35 ` Claus Regelmann
2003-09-12 8:41 ` Oskar Andreasson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F60E30A.F61FD84F@inka.de \
--to=claus.regelmann@inka.de \
--cc=blueflux@koffein.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox