
I must be pretty bad at Googling, as this seems like a very basic question, but I can't seem to find the answer anywhere... and `man iptables` is a very long read!

I have two NICs - eth0 and eth1 - on a Linux box and I want to block ALL outbound traffic (TCP and UDP across all ports) from one of the NICs, so that no traffic makes its way back up to the router.

What is the command for this? I have only seen examples with specific ports.

Thanks in advance.

edanfalls

2 Answers


With `iptables -A OUTPUT -o eth1 -j DROP` you can drop all outgoing traffic on interface eth1. You'll probably also want to drop all forwarded traffic using `iptables -A FORWARD -o eth1 -j DROP`.

Kenny Rasschaert
  • Info for the difference between `OUTPUT` and `FORWARD` here: https://unix.stackexchange.com/questions/96548/what-is-the-difference-between-output-and-forward-chains-in-iptables – Socrates Nov 01 '17 at 13:06

To drop all the outgoing traffic on eth1

iptables -I OUTPUT -o eth1 -j DROP

will insert a rule at the beginning of the OUTPUT chain to drop all outgoing traffic.

user9517
  • Thanks. Both were what I was looking for (no current rules so append or insert is fine) - but I've given it to kenny.r for being first. – edanfalls Feb 17 '11 at 22:54
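The two answers above give the bare commands. The script below is an added example (not posted by either answerer) that applies them in one go and covers the two things a practitioner usually trips over afterwards: the rule is added twice, once for the OUTPUT chain (traffic the box itself generates) and once for FORWARD (traffic it routes between eth0 and eth1), and both are also added to ip6tables, because ip6tables keeps an entirely separate rule set and an IPv4-only DROP leaves IPv6 flowing. It uses `iptables -C` so re-running it does not stack duplicate rules. The function names (`block_iface`, `ensure_drop`, `run_ipt`), the `DRY_RUN` variable and the default interface name eth1 are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original question or answers.
# Drop ALL traffic leaving a given interface, for locally generated (OUTPUT)
# and routed (FORWARD) packets, on IPv4 and IPv6.
#
# Usage:  sh block_iface.sh eth1            (needs root; applies the rules)
#         DRY_RUN=1 sh block_iface.sh eth1  (prints the commands instead)

DRY_RUN="${DRY_RUN:-0}"   # assumed knob: 1 = print commands, 0 = execute them

# run_ipt TOOL ARGS... : print the command in dry-run mode, otherwise run it.
run_ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# ensure_drop TOOL CHAIN IFACE : append "-o IFACE -j DROP" to CHAIN unless an
# identical rule already exists. "iptables -C" exits 0 when the rule is present,
# which makes the script safe to run more than once.
ensure_drop() {
    tool="$1"; chain="$2"; iface="$3"
    if [ "$DRY_RUN" != "1" ] && "$tool" -C "$chain" -o "$iface" -j DROP 2>/dev/null; then
        printf '%s: %s already drops traffic out of %s\n' "$tool" "$chain" "$iface"
        return 0
    fi
    run_ipt "$tool" -A "$chain" -o "$iface" -j DROP
}

# block_iface IFACE : the full rule set for one interface. Both chains are
# needed: OUTPUT alone still lets packets routed in from eth0 leave via IFACE,
# and iptables alone still lets IPv6 packets leave via IFACE.
block_iface() {
    iface="$1"
    for tool in iptables ip6tables; do
        for chain in OUTPUT FORWARD; do
            ensure_drop "$tool" "$chain" "$iface"
        done
    done
}

# Only act when an interface is given on the command line.
if [ -n "${1:-}" ]; then
    block_iface "$1"
fi
```

A few things the commands alone do not tell you. `-A` appends, so if the chain already holds an earlier `ACCEPT` rule that matches the same traffic, that rule wins and the DROP never fires; that is when user9517's `-I` form (insert at the head of the chain) is the one you want, and you can confirm the final ordering with `iptables -S OUTPUT`. The rules live only in kernel memory and vanish on reboot, so save them with `iptables-save` (and `ip6tables-save`) or your distribution's persistence tooling once they behave as intended. And because DROP silently discards, anything the box itself tries to send out of eth1 (DNS, NTP, package updates) will hang rather than fail fast; if that matters, `-j REJECT` gives an immediate error to the local process instead.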