iptables "whitelist" rule
Raven <firstname.lastname@example.org> writes:
> Now I want to be able to run the amuled daemon ON the debian router but
> I am not really sure how to tell iptables to whitelist the traffic that
> is not being forwarded.
> In other words, the ipp2p module should not drop the packets originating
> from/destinated to the router itself.
[ . . . ]
> # Block P2P
> iptables -A FORWARD -m ipp2p --ipp2p -j DROP
> iptables -A INPUT -m ipp2p --ipp2p -j DROP
> iptables -A OUTPUT -m ipp2p --ipp2p -j DROP
I haven't used "ipp2p" before, but if you delete the INPUT and OUTPUT
rules and keep the FORWARD rule, I think that would do what you want.
Packets to and from the amuled daemon (whether from the Internet,
wireless nodes, or whatever) will pass through the INPUT and OUTPUT
tables and be permitted, but P2P packets between wireless nodes and
the big, bad Internet will pass through the FORWARD table and be
dropped by the remaining rule.
Kevin Buhr <email@example.com>
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org