[CentOS] iptables drop on virtual host

Bob Hoffman bob at bobhoffman.com
Fri Apr 27 21:05:53 UTC 2012


On 4/27/2012 9:36 AM, Bob Hoffman wrote:
> Does this work?
>
> Adding DROP to iptables on the virtual host's iptables, before the phys
> bridge... will it prevent those IPs from getting to the bridged part of
> iptables? Or would a different syntax be used?
>
>
> -A INPUT -s 66.77.65.128/26 -j DROP
> -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
> COMMIT
>
>
>
Would something like this work?

-A PREROUTING -s 66.77.65.128/26 -j DROP


Or would my server die upon testing it... lol


