[lug] (another) iptables question
Nick Golder
nrg at nirgo.net
Mon Oct 8 11:44:36 MDT 2007
I am trying to set up a rule which drops packets between two interfaces -
eth1 and tun0 (an openvpn tunnel device) using iptables.
The rule I am trying to use is:
iptables -I FORWARD -i eth1 -o tun0 -j DROP
iptables -I FORWARD -i tun0 -o eth1 -j DROP
The rules are inserted after the tunnel is established. However, I can
still hit anything on the far side of tun0 from this side of eth1. I am
trying not to use any IP-specific rules so this rule would persist across
changes (such as eth1 getting a new IP address).
Is this the wrong way to go about this? If so, what would be a better
way?
--
Nick Golder