On Mon, 03 Mar 2003 08:38:28 -0500 "Scott St. John" <[EMAIL PROTECTED]> wrote:
> At 09:48 PM 3/2/2003 -0500, you wrote:
> >
> > iptables -A INPUT -s 209.8.161.0/24 -j DROP
>
> Ok, perhaps I am doing something wrong, I decided to test blocking my
> home connection to the server just to see if it would work. Doing this:
>
> iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP

This works for me... are you applying the correct rule on the right host?
You can leave off the "-j DROP" to see if the rule is being hit:

    iptables -A INPUT -s xxx.xxx.xxx.xxx

without actually affecting traffic. If the counters aren't incrementing,
then you are using the wrong IP[/mask]; possibly on the wrong host.

> I logged out and then tried to ssh back in and I was in just fine!
> Tried to reach the web site and again, no trouble. I then switched to this:

No need to log out/in... ssh to a host, say 192.168.1.1, then:

    iptables -A INPUT -s 192.168.1.1 -j DROP

and the ssh connection should stop working. Verify with:

    iptables -L -v -n

then re-enable with:

    iptables -F

and the ssh connection should resume...

> iptables -A FORWARD -s xxx.xxx.xxx.xxx -j DROP
>
> And again, I got in. Must I block per service and missing something
> when issuing the command?

Can't tell what you are actually doing and on what host without more info;
but it works for me...

> Thanks in advance.
>
> -Scott
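
The counter check described in the reply above, as an added example that is not part of the original thread: it reads `iptables -L INPUT -v -n -x --line-numbers` output and reports the packet counter of every rule for one source address, including a rule added without `-j`. It goes slightly beyond the message by also listing the any-source verdict rules above that rule, which are evaluated first because `-A` appends to the end of the chain. The listing and the address 203.0.113.7 are constructed, and `sample_listing` and `check_rule` are hypothetical names.

```shell
#!/bin/sh
# Constructed sample of `iptables -L INPUT -v -n -x --line-numbers` output.
# 203.0.113.7 is a documentation address standing in for the blocked client.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 1523 packets, 201344 bytes)
num      pkts      bytes target     prot opt in     out     source               destination
1        8421   612034 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2          37     2220 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
3           0        0 DROP       all  --  *      *       203.0.113.7          0.0.0.0/0
4           0        0            all  --  *      *       203.0.113.7          0.0.0.0/0
EOF
}

# check_rule SRC: read a listing on stdin and print "rule NUM TARGET pkts=N"
# for every rule whose source is SRC, preceded by "earlier NUM TARGET PROT"
# for each rule above it that matches any source and ends in a verdict.
# Simplification (assumption): only 0.0.0.0/0 counts as covering SRC.
check_rule() {
    awk -v src="$1" '
    $1 ~ /^[0-9]+$/ {
        # The opt column is "--" for ordinary IPv4 rules; locating it keeps
        # the columns aligned when the target is blank (rule added without -j).
        opt = 0
        for (i = 4; i <= 6; i++) if ($i == "--") { opt = i; break }
        if (!opt) next
        target = (opt == 6) ? $4 : "-"
        prot = $(opt - 1)
        from = $(opt + 3)
        if (from == src || from == (src "/32")) {
            for (j = 1; j <= n; j++) print "earlier " seen[j]
            n = 0
            print "rule " $1 " " target " pkts=" $2
        } else if (from == "0.0.0.0/0" && target ~ /^(ACCEPT|DROP|REJECT)$/) {
            seen[++n] = $1 " " target " " prot
        }
    }'
}

sample_listing | check_rule 203.0.113.7
```

On a live host, pipe the real listing into `check_rule` in place of `sample_listing`; a rule that stays at `pkts=0` while the client connects means the packets never reach it.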