You would do, for example:
* root@OpenWrt:~# iptsetup.sh google.com gl 1
* That creates add_gl.sh and del_gl.sh in the current working directory.
* Then run ./add_gl.sh, and all packets destined for Google will be marked with MARK 1.
* Then add rules that act on the mark, something like this (the --mark value has to match the mark your packets carry):
<code>
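# Send locally generated packets that carry the mark to the reject chain
iptables -A OUTPUT -m mark --mark 4 -j reject
# reject chain: reset TCP connections, answer everything else with ICMP port-unreachable
iptables -A reject -p tcp -j REJECT --reject-with tcp-reset
iptables -A reject -j REJECT --reject-with icmp-port-unreachable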
</code>
* You also need to feed traffic into the m_ip chain in your mangle table.
* How you might wish to do this is left as an exercise to the reader :-/
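
One way to do the feeding step for traffic generated on the router itself, as an added example that is not part of the original page or of iptsetup.sh. It assumes the m_ip chain already exists in the mangle table and a reject chain exists in the filter table; plan_rules and apply_rules are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the wiki page). Assumptions: the m_ip chain already
# exists in the mangle table, and a "reject" chain exists in the filter table.
IPT="${IPT:-iptables}"      # iptables binary to call
DRY_RUN="${DRY_RUN:-1}"     # 1 = only print the commands, 0 = apply them

# plan_rules MARK: print one rule spec per line (hypothetical helper).
plan_rules() {
    case "$1" in
        ''|*[!0-9]*) echo "mark must be a decimal number: '$1'" >&2; return 1 ;;
    esac
    # mangle OUTPUT is traversed before filter OUTPUT, so a mark set by m_ip
    # is already on the packet when the filter rule is evaluated.
    printf '%s\n' "-t mangle -A OUTPUT -j m_ip"
    printf '%s\n' "-t filter -A OUTPUT -m mark --mark $1 -j reject"
}

# apply_rules MARK: print (DRY_RUN=1) or install (DRY_RUN=0) the planned rules.
apply_rules() {
    rules=$(plan_rules "$1") || return 1
    printf '%s\n' "$rules" | while read -r rule; do
        if [ "$DRY_RUN" = 1 ]; then
            printf '%s\n' "$IPT $rule"
            continue
        fi
        # -C checks whether the rule is already present, so reruns do not
        # stack duplicate rules.
        check=$(printf '%s\n' "$rule" | sed 's/ -A / -C /')
        # Word splitting of the rule spec is intended here.
        $IPT $check 2>/dev/null || $IPT $rule
    done
}
```

Call `apply_rules 1` to print the commands for mark 1, and set DRY_RUN=0 to install them as root after ./add_gl.sh has run. Like the OUTPUT rule above, this covers only packets that originate on the router.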