Re: iptables drop on virtual host

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On 4/27/2012 9:36 AM, Bob Hoffman wrote:
> Does this work?
> adding DROP to iptables on the virtual host's iptables, before the phys
> bridge....will it prevent those ips from getting to the bridged part of
> iptables? Or would a different syntax be used?
> -A INPUT -s -j DROP
> -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
would something like this work


or would my server die upon testing
CentOS mailing list

[CentOS]     [CentOS Announce]     [CentOS Docs]     [CentOS Virtualization]     [Linux Media]     [Asterisk]     [Photo]     [DCCP]     [Netdev]     [Xorg]     [Xfree86]     [Linux USB]     [Project Hail Cloud Computing]

Powered by Linux Add to Google