iptables rule -d ! (not destination) is giving me errors

user173360 asked:

How do I use the [!] option for a destination IP?

I’m trying to redirect outbound WAN DNS traffic to my sinkhole, but I can’t get the --destination [!] option to work.

For example:

    iptables -A OUTPUT -d ! -j ACCEPT

    Bad argument `'

I haven’t the slightest clue what is wrong with my syntax.

My answer:

You have the ! in the wrong place. It belongs before -d.

From the iptables man page:

       [!] -d, --destination address[/mask][,...]

So for example:

    iptables -A OUTPUT ! -d -j ACCEPT

View the full question and any other answers on Server Fault.
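
The following is an added example, not part of the original question or answer: a shell sketch that prints DNS sinkhole redirect rules with the `!` placed before `-d`, and flags rule text that uses the misplaced form from the question. The address 192.0.2.53 is a constructed documentation address and the function names are hypothetical; the rules use the OUTPUT chain as in the question, which covers locally generated traffic only.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.
# 192.0.2.53 is a constructed RFC 5737 documentation address for the sinkhole.

# Succeeds if $1 is a dotted-quad IPv4 address with each octet in 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeeds if rule text puts "!" after -d/--destination, as in the question.
has_misplaced_negation() {
    case " $1 " in
        *" -d ! "*|*" --destination ! "*) return 0 ;;
    esac
    return 1
}

# Print nat-table rules for UDP and TCP DNS; review, then run them as root.
sinkhole_rules() {
    is_ipv4 "$1" || { echo "invalid sinkhole address: $1" >&2; return 1; }
    for proto in udp tcp; do
        # "!" precedes -d: match DNS traffic whose destination is NOT the
        # sinkhole, so queries already going to the sinkhole are left alone.
        echo "iptables -t nat -A OUTPUT -p $proto ! -d $1 --dport 53 -j DNAT --to-destination $1:53"
    done
}

sinkhole_rules 192.0.2.53
```
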

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.