Linux - Networking: This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Hi all,
The requirement is that all packets on g/k be redirected to the 8080 portal port.
At any instance this rule excludes the MAC specified, by adding an iprule to accept packets from the specified MAC.
The problem is it always considers the first rule and redirects. How can we make the redirection rule low priority, and any ACCEPTs be checked at the beginning?
I saw usage of -j MARK --set-mark #priorityno .. could this be adapted here?
Lastly, for allowing ssh from a remote machine, I used the command below:
/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Looking for your suggestions. Thanks in advance.
Last edited by Santoshkb; 12-24-2007 at 06:48 AM.
Reason: h
You can put the statements in the reverse sequence, that is, first the ACCEPT, then the REDIRECT.
IPTables executes the rules in the order they are given. As soon as a rule is matched, the packet is processed according to the rule, and when the target is terminating (ACCEPT, REDIRECT), it is over and done.
Thanks. Initially it is to be redirected. The thing is, it's decided at a later stage, after authentication, to allow the user (with macid xx..xx) to access without redirection.
Are there any ways to make the current rule appear first, or
make the former rule appear last (low priority)?
I did execute, but the first rule appears to take priority.
Where should the accept for --dport 22 be mentioned, in the filter or nat table?
I'm referring to the nat table for redirecting packets,
* Except for packets destined for port 22 (ssh)
Is this iprule to accept port 22 to be inserted in the filter
or nat table? Please let me know how it's going to be affected by inserting the rule in the filter table (1) or nat table (2).
1. /sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Or
2. /sbin/iptables -t nat -I PREROUTING -p tcp --dport 22 -j ACCEPT
One last thing..
I'm looking to reject all packets (other than port 22/80), hence appended it at the end. This rule is showing as invalid. What's wrong in the rule below?
/sbin/iptables -t nat -A PREROUTING -p tcp -j REJECT
Thanks all.
Last edited by Santoshkb; 12-26-2007 at 03:52 AM.
Reason: h
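The ordering advice from the reply, together with the nat-versus-filter and REJECT questions in the follow-up posts, as an added example that is not part of the original thread. The IPT dry-run variable and the function names are assumptions made for this sketch, and the conntrack rule is an addition so that the final REJECT does not cut off replies to the gateway's own connections.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: IPT only prints the
# commands. Set IPT=/sbin/iptables and run as root to apply them (assumption).
IPT="${IPT:-echo /sbin/iptables}"
PORTAL_PORT=8080   # portal port named in the thread

# Run once at boot. Rules are appended, so the REDIRECT ends up last in
# PREROUTING and anything inserted above it later is checked first.
portal_base_rules() {
    # nat: ACCEPT only means "stop here, do not redirect". It permits nothing.
    $IPT -t nat -A PREROUTING -p tcp --dport 22 -j ACCEPT
    $IPT -t nat -A PREROUTING -p tcp -j REDIRECT --to-ports "$PORTAL_PORT"
    # filter: the allow/deny decision. REJECT exists only in this table,
    # which is why "-t nat ... -j REJECT" is refused as invalid.
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT -p tcp --dport 22 -j ACCEPT
    $IPT -A INPUT -p tcp --dport "$PORTAL_PORT" -j ACCEPT
    $IPT -A INPUT -p tcp -j REJECT --reject-with tcp-reset
}

# Run after a client authenticates. "-I PREROUTING 1" puts the exemption at
# the head of the chain, ahead of the REDIRECT appended at boot.
portal_allow_mac() {
    # Refuse anything that is not a plain MAC before it reaches iptables.
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 1
    $IPT -t nat -I PREROUTING 1 -m mac --mac-source "$1" -j ACCEPT
}

# Run on logout or session expiry: delete the same rule specification.
portal_revoke_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 1
    $IPT -t nat -D PREROUTING -m mac --mac-source "$1" -j ACCEPT
}
```

Since a MAC address is supplied by the client, treat the exemption as a convenience for the portal, not as authentication on its own.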