LinuxSA Mailing list archives

  From: Toby Corkindale <tjcorkin@sa.pracom.com.au>
  To  : Michael T. Cheshire <michael.cheshire@microarts.com.au>
  Date: Thu, 29 Nov 2001 11:39:50 +1030 (CST)

Re: iptables NAT

well, iptables -t nat -D POSTROUTING xx
where xx is the rule number that corresponds to that rule.

or, alternatively,
iptables -I FORWARD -s 192.168.0.5 -o eth1 -j REJECT


Howver, my method is to have a rc.firewall script, which does a flush on
every table and then rebuilds. If i want to make changes, I edit this
script, then run it.

However, for quick stuff, yeah, i still manually add/subtract lines.
It gets harder to do that when you've got overly complicated setups though.


Toby

On Thu, 29 Nov 2001, Michael T. Cheshire wrote:

> I was wondering if anyone can help me with some quick questions
> regarding iptables :
>
> Suppose you use the command
>
> iptables -t nat -A POSTROUTING -s 192.168.0.5 -o eth1 -j MASQUERADE
>
> to allow 192.168.0.5 to get internet (NAT) access via your linux box.
>
> what would I use as a command to turn NAT *off* again specifically for
> that address?
>
>
> ---
>
> Regards,
>
> -----------------------------------------------------------------------
> Michael Cheshire
> Network Engineer
> Microarts Pty Ltd
> mailto:michael.cheshire@microarts.com.au
> <mailto:michael.cheshire@microarts.com.au>
> http://www.microarts.com.au <http://www.microarts.com.au/>;
> PH : 8373 7000 / 0402 277 092
> -----------------------------------------------------------------------
>
> Disclaimer:
>
> Confidentiality
> This  message  contains  privileged  and/or  confidential  information
> intended only for the use of the addressee named above. If you are not
> the  intended recipient of  this message you are  hereby notified that
> you must  not  disseminate,  re-transmit, copy  or take any  action in
> reliance  on it. If you have  received this message  in  error  please
> delete  the document  and  notify  Microarts  immediately.  Any  views
> expressed in this  message are those of the individual sender,  except
> where the sender specifically states them to be the views of Microarts.
>
> Viruses
> Any  loss/damage incurred by using  this material is not  the sender's
> responsibility.   Microarts  entire   liability  will  be  limited  to
> re-supplying  the material.  No warranty is made that this material is
> free from computer virus or any other defect.
>
> -----------------------------------------------------------------------
>
>
>
>

-- 
 Toby Corkindale
 UNIX Developer, Core Tech R&D
 Technology SA, Pracom Ltd
 288 Glen Osmond Road
 Fullarton,	5063
 South Australia
 Tel: +61 8 8202 9075
 Fax: +61 8 8202 9001
 mailto:Toby.Corkindale@sa.pracom.com.au
 http://www.sa.pracom.com.au/

                  PRIVILEGED - PRIVATE AND CONFIDENTIAL

   Privileged/Confidential Information may be contained in this message.
   If you are not the addressee indicated in this message, you may not
   copy or deliver this message to anyone.  In such case, you should
   destroy this message and notify the sender by reply email. Opinions,
   conclusions and other information in this message that do not relate
   to the official business of this organisation shall be understood as
   neither given nor endorsed by it.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject