Old 09-25-2007, 04:10 AM   #1
LQ Newbie
Registered: Sep 2007
Posts: 2

iptables doesn't seem to apply new rules to already open TCP connections

Hello everybody

I'm having a problem with iptables: it doesn't seem to apply new rules to the already open TCP connections.
Here is my problem: I'm writing a small application that acts as a hotspot for WLAN with HTTP authentication. All users are subject to this iptables rule:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 80
When a user enters the password, his rule will be:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to -s 192.168.0.XX -m mac --mac-source XX:XX:XX:XX:XX:XX
Until now it works perfectly. The problem is that when the user logs off, the rule will be removed with this command:

iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to -s 192.168.0.XX -m mac --mac-source XX:XX:XX:XX:XX:XX
All open TCP connections are still active (like downloading a file), while any request for a new one will be redirected to the first rule (hotspot login).

Please help me, I'm new to Linux iptables and this is a huge hole in my system. Is there a command that resets/disconnects these connections?

note: is a squid cache server while is my hotspot server
Old 09-25-2007, 10:00 PM   #2
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

You could use cutter for this.
Old 09-27-2007, 03:06 AM   #3
LQ Newbie
Registered: Sep 2007
Posts: 2

Original Poster

Thanks a lot win32sux, Linux is awesome and your name says the rest.

I've read cutter's source code; it uses this file (/proc/net/ip_conntrack) to get the routed connections' IPs/ports. It is a really nice feature in Linux I didn't know about, and a good technique cutter is using to close them.

Thanks again.
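
Added example (not part of the thread and not cutter's code): nat-table rules are consulted only for the first packet of a connection, and the chosen mapping is then kept in the conntrack entry, which is why deleting the DNAT rule leaves running downloads untouched. This Python script parses lines in the /proc/net/ip_conntrack layout to find a logged-off client's live TCP flows and builds a conntrack-tools delete command for each. The sample lines, the IP addresses and the presence of conntrack-tools are assumptions.

```python
# Constructed sample in the /proc/net/ip_conntrack layout (not captured data).
SAMPLE = """\
tcp      6 431990 ESTABLISHED src=192.168.0.23 dst=203.0.113.10 sport=40112 dport=80 packets=90 bytes=5200 src=192.168.0.2 dst=192.168.0.23 sport=3128 dport=40112 packets=140 bytes=198000 [ASSURED] mark=0 use=1
tcp      6 52 TIME_WAIT src=192.168.0.23 dst=203.0.113.11 sport=40090 dport=80 src=192.168.0.2 dst=192.168.0.23 sport=3128 dport=40090 [ASSURED] use=1
tcp      6 431000 ESTABLISHED src=192.168.0.40 dst=203.0.113.10 sport=51000 dport=80 src=192.168.0.2 dst=192.168.0.40 sport=3128 dport=51000 [ASSURED] use=1
udp      17 25 src=192.168.0.23 dst=192.168.0.1 sport=5353 dport=53 src=192.168.0.1 dst=192.168.0.23 sport=53 dport=5353 use=1
"""
TUPLE_KEYS = ("src", "dst", "sport", "dport")

def parse_line(line):
    """Split one entry into protocol, TCP state, original and reply tuples."""
    tokens = line.split()
    if len(tokens) < 4:
        return None
    entry = {"proto": tokens[0], "state": None, "orig": {}, "reply": {}}
    if "=" not in tokens[3] and not tokens[3].startswith("["):
        entry["state"] = tokens[3]  # present for TCP, absent for UDP
    for tok in tokens[3:]:
        key, sep, val = tok.partition("=")
        if sep and key in TUPLE_KEYS:
            # First occurrence of a key is the original direction, second the reply.
            side = "orig" if key not in entry["orig"] else "reply"
            entry[side][key] = val
    return entry

def live_flows(text, client_ip):
    """TCP entries opened by client_ip that can still carry data."""
    flows = []
    for line in text.splitlines():
        e = parse_line(line)
        if not e or e["proto"] != "tcp" or e["orig"].get("src") != client_ip:
            continue
        if e["state"] in ("TIME_WAIT", "CLOSE"):
            continue
        # The NAT decision lives in the entry: a reply source that differs from
        # the original destination means the flow was DNATed or redirected.
        e["natted"] = e["reply"].get("src") != e["orig"].get("dst")
        flows.append(e)
    return flows

def delete_argv(flow):
    """argv for conntrack-tools to drop exactly this entry (built, not executed)."""
    o = flow["orig"]
    return ["conntrack", "-D", "-p", "tcp", "-s", o["src"], "-d", o["dst"],
            "--sport", o["sport"], "--dport", o["dport"]]

if __name__ == "__main__":
    for f in live_flows(SAMPLE, "192.168.0.23"):
        print(f["state"], "natted" if f["natted"] else "direct", " ".join(delete_argv(f)))
```

The parser assumes the older ip_conntrack column layout named in the thread; newer kernels expose /proc/net/nf_conntrack, which prefixes each line with the layer-3 protocol name and number.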


All times are GMT -5. The time now is 03:48 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration