[LARTC] Layer 7 netfilter not working
Jason Boxman
jasonb@edseek.com
Fri, 9 Jul 2004 17:02:05 -0400
On Friday 09 July 2004 16:51, Ed Wildgoose wrote:
<snip>
> Can you REJECT in the mangle table?
>
It seems not.
rebecca:~# iptables -t mangle -A POSTROUTING -m layer7 --l7proto http -j REJECT
iptables: Invalid argument
rebecca:~# iptables -A INPUT -m layer7 --l7proto http -j REJECT
rebecca:~# iptables -D INPUT -m layer7 --l7proto http -j REJECT
`man iptables`
"REJECT
This is used to send back an error packet in response to the matched packet:
otherwise it is equivalent to DROP so it is a terminating TARGET, ending rule
traversal. This target is only valid in the INPUT, FORWARD and OUTPUT
chains, and userdefined chains which are only called from those chains. The
following option controls the nature of the error packet returned:"
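
Added example, not part of the original message: one way to keep the layer7 classification in the mangle table while rejecting from the filter table, as the man page requires. The function name l7_reject_rules and the mark value 0x7 are assumptions made for illustration, and the layer7 match still needs the l7-filter patch used in this thread.

```sh
#!/bin/sh
# Added example (not from the original post). Prints the rules rather than
# applying them, so they can be reviewed before being run as root.
# Assumptions: function name and mark value 0x7 are made up for illustration.

l7_reject_rules() {
    proto="$1"
    mark="$2"

    # Only accept simple protocol names and numeric marks, so that nothing
    # unexpected ends up in a command line that will later run as root.
    case "$proto" in
        ''|*[!a-z0-9_-]*) echo "invalid protocol name" >&2; return 1 ;;
    esac
    case "$mark" in
        ''|*[!0-9a-fx]*) echo "invalid mark value" >&2; return 1 ;;
    esac

    # Classify in mangle PREROUTING, not POSTROUTING: PREROUTING is traversed
    # before filter INPUT/FORWARD, so the mark exists when the filter rules
    # run. A mark set in POSTROUTING would arrive too late to act on.
    echo "iptables -t mangle -A PREROUTING -m layer7 --l7proto $proto -j MARK --set-mark $mark"

    # REJECT is valid only in the filter table's INPUT, FORWARD and OUTPUT
    # chains (and user-defined chains called from them), so it goes here.
    echo "iptables -t filter -A INPUT -m mark --mark $mark -j REJECT"
    echo "iptables -t filter -A FORWARD -m mark --mark $mark -j REJECT"
}

# Show the rule set for the protocol used in the thread.
l7_reject_rules http 0x7
```

Review the printed rules, then pipe the output to sh as root to apply them.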