Hello,

I would like to block an Ip from connecting to my server but I use Firstarter. the problem I have it that I has services allowed from there so any ip can connect to those services...

I looked around in the document and I could not see any ways of doing that..

So I guess my only choice would to do a "iptable -I INPUT -p ALL -s [ip adresse] -d 0.0.0.0/0 -j DROP" for this ip is that correct ??

Is there a way to retain thoses rules in iptables, so when I reboot the rules are still there ?

Would an outbound rule have been usefull in this case (I guess, the client could connect but could't receive ??)

THanks for any clarifications...

Almost. The program name should be iptables (with an s). The -I inserts it as the first rule which is what you want, --protocol defaults to all, so (-p ALL) is OK but redundant.

To keep it active, add it to your rc.local file ( /etc/rc.d/rc.local) and it will execute after all your regular Sys V stuff inits. I am assuming Firstarter starts in there.

Dave

THanks for the reply :-)

I just realized that FireStarter gives us a chance to add our custom rules in the user-pre and user-post files within the Firstarter directory. I posted my rules in the user_post file and now they are recurent, even when I make a new rule using the gui.

Many thanks again!