On Mon, 03 Mar 2003 08:38:28 -0500 "Scott St. John" <[EMAIL PROTECTED]>
wrote:

> At 09:48 PM 3/2/2003 -0500, you wrote:
> > > > iptables -A INPUT -s 209.8.161.0/24 -j DROP
> 
> Ok, perhaps I am doing something wrong, I decided to test blocking my
> home connection
> to the server just to see if it would work.  Doing this:
> 
> iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP

This works for me...  are you applying the correct rule on the right host?

You can leave off the "-j DROP" to see if the rule is being hit:
  iptables -A INPUT -s xxx.xxx.xxx.xxx
without actually affecting traffic.  If the counters aren't incrementing,
then you are using the wrong IP[/mask]; possibly on the wrong host.

> I logged out and then tried to ssh back in and I was in just fine! 
> Tried to reach the web site
> and again, no trouble.  I then switched to this:

No need to log out/in...  ssh to a host, say 192.168.1.1, then:
  iptables -A INPUT -s 192.168.1.1 -j DROP
and the ssh connection should stop working.  Verify with:
  iptables -L -v -n
then re-enable with:
  iptables -F
and the ssh connection should resume...

> iptables -A FORWARD -s xxx.xxx.xxx.xxx -j DROP
> 
> And again, I got in.  Must I block per service and missing something
> when issuing the
> command?

Can't tell what you are actually doing and on what host without more info;
but it works for me...
 
> Thanks in advance.
> 
> -Scott
> 
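
The counter check suggested in the reply above, as an added example that is not part of the original thread: it compares two saved `iptables -L INPUT -v -n -x` listings and reports whether the rule for a given source was hit in between. The function names and the sample listings are constructed for illustration (192.0.2.10 is a documentation address); `-x` is added so the counters are printed exactly rather than abbreviated.

```shell
#!/bin/sh
# Constructed sample listings, taken before and after one test connection.
# The first rule has no "-j" target (count-only), so its target column is empty.
BEFORE='Chain INPUT (policy ACCEPT 120 packets, 9800 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0            all  --  *      *       192.0.2.10           0.0.0.0/0
       0        0 DROP       all  --  *      *       209.8.161.0/24       0.0.0.0/0'
AFTER='Chain INPUT (policy ACCEPT 151 packets, 12400 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      14     1120            all  --  *      *       192.0.2.10           0.0.0.0/0
       0        0 DROP       all  --  *      *       209.8.161.0/24       0.0.0.0/0'

# rule_pkts SRC   (listing on stdin)
# Prints the packet count of the rule(s) whose source column equals SRC,
# written the way "-n" prints it (e.g. 209.8.161.0/24).
# Exits 1 if no rule with that source exists in the listing.
rule_pkts() {
    awk -v src="$1" '
        $1 !~ /^[0-9]+$/ { next }                 # chain header, column titles, blanks
        {
            # A rule without a target has one column fewer, so "opt" is
            # field 4 instead of 5 and the source is field 7 instead of 8.
            s = ($4 ~ /^(--|-f|!f)$/) ? 7 : 8
            if ($s == src) { sum += $1; found = 1 }
        }
        END { if (!found) exit 1; print sum }
    '
}

# rule_was_hit SRC EARLIER_LISTING LATER_LISTING
# Returns 0 if the counter increased, 1 if it did not, 2 if the rule is missing.
rule_was_hit() {
    b=$(printf '%s\n' "$2" | rule_pkts "$1") || return 2
    a=$(printf '%s\n' "$3" | rule_pkts "$1") || return 2
    [ "$a" -gt "$b" ]
}

# Demo on the constructed listings above.
for src in 192.0.2.10 209.8.161.0/24; do
    if rule_was_hit "$src" "$BEFORE" "$AFTER"; then
        echo "$src: rule is being hit"
    else
        echo "$src: counters not incrementing (check the IP/mask and the host)"
    fi
done
```

On a live host the two listings would come from running `iptables -L INPUT -v -n -x` before and after the test connection.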
