Hi. On Thu, Jan 09, 2020 at 02:46:25PM -0500, Jim Popovitch wrote: > Is there a way to have iptables DROP before PREROUTING.
What you meant is "before PREROUTING in nat". It's an important bit, see below. > What I want to do is prevent 23.132.208.0/24 from accessing a service > (port 12345) on my home PC. The problem is, the REROUTING rules preceed > the DROP rule, so the connections get through. Thanks for any > suggestions/help. Try it (raw table is called before nat one): iptables -t raw -A PREROUTING -s 23.132.208.0/24 -j DROP Reco