John Brooks ha scritto: > Removing '-t nat' from the last rule should do what you need. Only the > first two really need to be in the NAT table (because they are > modifying the traffic, not filtering it). [...] > > iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --syn -j REDIRECT --to-ports 9040 > > iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53 > > iptables -t nat -A OUTPUT -m owner --uid-owner anonymous -j DROP [...] Ok, now ipfilter does not complain but I cannot connect anymore. :-( I will investigate more. -- Ciao leandro Io non voglio sapere tutto, io voglio capire tutto
Attachment:
pgpFkX0BlMyNg.pgp
Description: PGP signature