[arch-general] IPSET and OUTPUT - Arch-general - lists.archlinux.org

newer
Re: [arch-general] arch-general...

[arch-general] IPSET and OUTPUT

older
[arch-general] Where can I...

siefke_listen＠web.de

1 Jun 2018 1 Jun '18

2:47 p.m.

Hello, I want use ad blocking with iptables so I found ipset which make life easier. My question is how it work with Output format? iptables -I OUTPUT -m set --match-set adblock src -j REJECT will this work? I be not really sure and most what found about ipset is input. Thanks for help Silvio

Attachments:

attachment.sig (application/pgp-signature — 488 bytes)

Show replies by date

Gioele Falcetti

1 Jun 1 Jun

3:45 p.m.

On Fri, 1 Jun 2018, 14:47 siefke_listen@web.de, <siefke_listen@web.de> wrote:

Hello,

I want use ad blocking with iptables so I found ipset which make life easier. My question is how it work with Output format?

iptables -I OUTPUT -m set --match-set adblock src -j REJECT

will this work? I be not really sure and most what found

about ipset is input.

Thanks for help Silvio

Since you want to block the destination IP, not the source IP, you should use: -A OUTPUT -m set --match-set adblock dst -j REJECT I usually also add "--reject-with icmp-host-prohibited", that makes the detection of the blocked host easier: -A OUTPUT -m set --match-set adblock dst -j REJECT --reject-with icmp-host-prohibited

2359

Age (days ago)

2359

Last active (days ago)

Download

1 comments

2 participants

tags

participants (2)

Gioele Falcetti
siefke_listen＠web.de