Re: iptables rule for more than one target

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
Thank you Michal.

Em 27 de janeiro de 2012 06:08, Michal Kubeček <mkubecek@xxxxxxx> escreveu:
> On Thursday 26 of January 2012 18:12EN, Usuário do Sistema wrote:
>> /sbin/iptables -t mangle -I PREROUTING -s 10.10.10.10 -d !
>> 192.100.100.8 10.254.253.1 172.16.0.1  -j MARK --set-mark 5
> ...
>> I need add some "-d ! x y z ..."
>
> You can do
>
> iptables -t mangle -N mark5
> for a in 192.100.100.8 10.254.253.1 172.16.0.1; do
>    iptables -t mangle -A mark5 -d $a -j RETURN
> done
> iptables -t mangle -A mark5 -j MARK --set-mark 5
> iptables -t mangle -I PREROUTING -s 10.10.10.10 -j mark5
>
> Or maybe it will suffice to first mark all packets from 10.10.10.10 with
> mark 5 and then remark packets with those three destinations back to 0
> (or anything else).
>
>                                                    Michal Kubeček
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Linux Netfilter Development]     [Linux Kernel Networking Development]     [Linux Networking Development]     [Linux Kernel Development]     [Linux Resources]     [LARTC]     [Bugtraq]     [Consulting]     [Free Internet Dating]     [Yosemite Forum]     [Photo]

Add to Google Powered by Linux