This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block DNAT for some IPs

Hello my friends,

Is it possible to block an IP when it is trying to get information from a Public IP which is configured in DNAT ?

I´m trying to block an IP, I created a packet filter rule but this user is still trying to enter through the DNAT. The malicious IP is public too.

I checked DNAT configuration for reject options but didn´t see anything...what else can I do ?

thanks...

This thread was automatically locked due to age.

Parents

0 BAlfson over 13 years ago

Like most everything in Astaro, NAT rules are processed in sequence. Create a new DNAT above your current one: '{malicious IP} -> Any -> External (Address) : DNAT to {non-existant IP}'.

Did that work for you?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 13 years ago

Like most everything in Astaro, NAT rules are processed in sequence. Create a new DNAT above your current one: '{malicious IP} -> Any -> External (Address) : DNAT to {non-existant IP}'.

Did that work for you?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data