I am sort of fiddling with iptables and can't seem to get even something simple working. The config below was intended to just make a little blacklist containing two IP addresses and a MAC address. I wanted the firewall to drop anything from those three places, otherwise just accept everything. It does not work. Stuff from a machine using one of the IP addresses and the MAC address is talking with my DHCP server every 30 minutes, and it is talking back. Do I need to set the default policy differently? Do I need to restart iptables or something? I am running a flavor of Red Hat, and when I restart iptables it sets up its own default config. Then I do iptables -F and then set up as below. What am I doing wrong, besides fiddling with something I do not understand?
mahalo, Dave

[EMAIL PROTECTED] ~]# iptables -L
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  tmp4.hawaii.edu      anywhere
DROP       all  --  tmp9.hawaii.edu      anywhere
DROP       all  --  anywhere             anywhere            state NEW MAC 00:19:B9:E0:63:E0

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  tmp4.hawaii.edu      anywhere
DROP       all  --  tmp9.hawaii.edu      anywhere
DROP       all  --  anywhere             anywhere            state NEW MAC 00:19:B9:E0:63:E0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
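
The blacklist described in the post, as an added example that is not the poster's configuration: a shell function that turns a list of source IPs and MACs into an `iptables-restore` ruleset that can be loaded in one step. The 192.0.2.x addresses are constructed stand-ins for the hosts the listing shows by name, and `gen_blacklist` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that drops traffic from a
# list of sources (IPv4 addresses or MAC addresses) and accepts the rest.

is_ipv4() {
    # Four dot-separated decimal octets, each in 0-255.
    echo "$1" | awk -F. 'NF == 4 {
        for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
        exit 0
    }
    { exit 1 }'
}

is_mac() {
    echo "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# gen_blacklist (hypothetical helper name): one DROP rule per source in both
# INPUT and FORWARD, the two chains populated in the post's listing.
gen_blacklist() {
    rules=""
    for src in "$@"; do
        if is_ipv4 "$src"; then
            match="-s $src"
        elif is_mac "$src"; then
            # The post's listing pairs the MAC match with "state NEW";
            # this example drops on the MAC match alone.
            match="-m mac --mac-source $src"
        else
            # Hostnames are refused so loading never depends on DNS.
            echo "rejected entry: $src" >&2
            return 1
        fi
        for chain in INPUT FORWARD; do
            rules="${rules}-A $chain $match -j DROP
"
        done
    done
    printf '*filter\n:INPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]\n'
    printf ':OUTPUT ACCEPT [0:0]\n%sCOMMIT\n' "$rules"
}

# Constructed sample: 192.0.2.x addresses stand in for the two hosts that the
# post's listing shows by name; the MAC is the one from the post.
gen_blacklist 192.0.2.4 192.0.2.9 00:19:B9:E0:63:E0
```

On Red Hat the `iptables` service loads its rules from `/etc/sysconfig/iptables`, so a ruleset written there survives a service restart, and `iptables -L -n -v` then shows per-rule packet counters. If the DHCP server is ISC dhcpd (an assumption), it reads requests from a packet socket ahead of netfilter, so these INPUT rules do not stop it from seeing DHCP traffic.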