On 4/27/2012 9:36 AM, Bob Hoffman wrote:
Does this work?
adding DROP to iptables on the virtual host's iptables, before the phys bridge....will it prevent those ips from getting to the bridged part of iptables? Or would a different syntax be used?
-A INPUT -s 66.77.65.128/26 -j DROP -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
would something like this work
-A PREROUTING -s 66.77.65.128/26 -j DROP
or would my server die upon testing it...lol