Thanks Pascal. Anyway, maybe you can help me with my other problem. I already
posted it, but up to now I don't have any reply, so I'm just thinking that you
might help me.
You see, I'm using "SAME" for my Network Address Translation. Example:
-A POSTROUTING -s 192.168.64.0/255.255.224.0 -j SAME --nodst --to 212.xxx.xxx.9-212.xxx.xxx.14
My question is, how can I log and trace which private IP is using a certain
public IP at any given time and date?
For example, let's say somebody is complaining that there is a network flood or attack
coming from 212.xxx.xxx.14, so in order for me to trace which machine is making
the flood I should know which private IP address is using 212.xxx.xxx.14 at
that given time.
Thank you very much and I hope that you can help me.
Wennie
Quoting Pascal Hambourg <pascal.mail@plouf.fr.eu.org>:
> Hello,
>
> wlagmay@yanbulink.net wrote:
> >
> > I just want to know how I am going to do a blocking of multiple ports on a
> > single line, let's say port 700 to 800.
> >
> > I'm trying this command but it is not working
> >
> > iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 700-800 -j DROP
> > iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 700 --to 800 -j DROP
>
> man iptables says the port range syntax in port matches is "700:800".
> The port range syntax "700-800" is used only in NAT targets.
>
>