ipchains again

antken · 10-17-2002, 08:23 AM

hi,

i am trying to stop one certain ip within my network access to the internet
i am using ipchains, so far i only have one line in there in the forward chain it basically is masqing all trafic from 'anywhere' to 'anywhere'

now i want to ban one ip address: 192.168.56.39

i have tryed ipchains -A forward -s 192.168.56.39 -J DENY

but it does not work i can still get through with all trafic

what have i done wrong?

Mara · 10-17-2002, 01:20 PM

You need to put the line that allows all AFTER the one that denies acces to one machine.

antken · 10-17-2002, 03:10 PM

ok

so what you are saying is that ipchains list of things to do should look like:

192.168.56.39 Deny
192.168.0.1 allow
192.168.0.2 allow

and so on

i have been playing around on a box and have found that i can put the machine to be banned in the input chain with the deny rule i have also found i can put sites in the input chain with the destination set to for example microsoft

and it blocks the site

would that be a good way to do it?

Mara · 10-17-2002, 03:35 PM

I don't understand the question, I must say...

antken · 10-17-2002, 03:45 PM

sorry, just wittering on

i try and make sense of it

my original question was how do i stop internet acess on one machine.

you said make it one of first rules in the chain

i then said i have been playing around and found out that it i put the machine in the input chain i can stop it that way:

ipchains -A input -s 192.168.59.34 -j DENY

would the above be as effective?

DavidPhillips · 10-17-2002, 04:52 PM

input is correct

Mara · 10-18-2002, 04:56 AM

Yes, it will be.