Need help with drop rules and nfqueue


Hi all,
I need help with a drop rule and NFQUEUE.
Currently I have this filter rule, which sends all traffic from the bridge br0 to NFQUEUE (IPS system):

-A FORWARD -i br0 -j NFQUEUE --queue-balance 0:3 --queue-bypass

But I want to send only certain traffic there, for example:

-A FORWARD -i br0 -p udp -j NFQUEUE --queue-balance 0:3 --queue-bypass
-A FORWARD -i br0 -p icmp -j NFQUEUE --queue-balance 0:3 --queue-bypass
-A FORWARD ! -s 192.168.1.43/32 -i br0 -p tcp -m multiport ! --ports 80,443 -j NFQUEUE --queue-balance 0:3 --queue-bypass

This does not work 100%. With these filter rules not all traffic goes to NFQUEUE.

Hence my question:
How can I prevent traffic from an IP address (e.g. 192.168.1.43) to certain ports (80, 443) from reaching NFQUEUE?
It is important that no traffic on br0 is lost.

Thanks for any help here.
Stefan
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
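Editor's added example, not part of Stefan's post or of any reply on the list. The third rule in the post combines two negations (`! -s` and `! --ports`), so it only queues TCP packets that are neither from 192.168.1.43 nor on 80/443; both the host's other traffic and other hosts' web traffic fall through and are never queued. The usual fix is to write the exception positively as a RETURN placed before a catch-all NFQUEUE rule, so that nothing on br0 is excluded by accident. The address, ports and queue range below are the ones from the post; the chain name IPS, the example addresses fed to the model and the `classify` helper (a pure-shell model of how the chain evaluates a packet, used so the ordering can be checked without a live box) are assumptions of this example.

```shell
# Added example (not from the original post): keep every br0 packet on its
# way to the IPS except TCP 80/443 between 192.168.1.43 and the outside.
# The exception is an explicit RETURN placed *before* a catch-all NFQUEUE.
# Host, ports and queue range come from the post; chain name IPS is assumed.

EXCEPT_HOST="192.168.1.43"
EXCEPT_PORTS="80,443"
QUEUES="0:3"

# Emit the rules in iptables-restore(8) format (feed to 'iptables-restore -n'
# or translate each -A line into an 'iptables -A ...' command).
forward_rules() {
    cat <<EOF
*filter
:IPS - [0:0]
# Everything entering on br0 goes through the IPS chain.
-A FORWARD -i br0 -j IPS
# Exceptions first. RETURN (rather than ACCEPT) hands the packet back to
# FORWARD so any later rules there still apply.
# Outbound web traffic from the trusted host:
-A IPS -p tcp -s ${EXCEPT_HOST}/32 -m multiport --dports ${EXCEPT_PORTS} -j RETURN
# Matching replies (server -> host); without this line the return half of
# each connection would still be queued:
-A IPS -p tcp -d ${EXCEPT_HOST}/32 -m multiport --sports ${EXCEPT_PORTS} -j RETURN
# Catch-all last: everything else is queued. --queue-bypass lets packets
# pass (instead of being dropped) while no userspace program is bound.
-A IPS -j NFQUEUE --queue-balance ${QUEUES} --queue-bypass
COMMIT
EOF
}

# port_in PORT LIST: true if PORT appears in the comma-separated LIST.
port_in() {
    case ",$2," in
        *",$1,"*) return 0 ;;
    esac
    return 1
}

# classify SRC DST PROTO SPORT DPORT
# Pure-shell model of the IPS chain above, evaluated in rule order.
# Prints "return" (skips the IPS) or "queue" (sent to NFQUEUE).
classify() {
    src=$1; dst=$2; proto=$3; sport=$4; dport=$5
    # Rule 1: TCP from the trusted host to an excepted destination port.
    if [ "$proto" = tcp ] && [ "$src" = "$EXCEPT_HOST" ] && port_in "$dport" "$EXCEPT_PORTS"; then
        echo return; return 0
    fi
    # Rule 2: TCP reply from an excepted source port back to the host.
    if [ "$proto" = tcp ] && [ "$dst" = "$EXCEPT_HOST" ] && port_in "$sport" "$EXCEPT_PORTS"; then
        echo return; return 0
    fi
    # Rule 3: everything else on br0 is queued.
    echo queue
}

forward_rules
```

Two caveats for the "no traffic may be lost" requirement: `--queue-bypass` only covers the case where no userspace program is bound to the queue; if the IPS is bound but cannot keep up, nfnetlink_queue drops packets once a queue reaches its maximum length (the `queue_dropped` column in /proc/net/netfilter/nfnetlink_queue shows this), so the IPS should raise the queue length and spread load over the four queues 0:3. And any other filter rule that sits after the `-j IPS` line in FORWARD still applies to returned packets, which is why the exception uses RETURN instead of ACCEPT.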