Be advised the above command will 'DROP' all TCP protocol packets whose Destination falls in the 192.168.2 subnet...(This command follows with your previous "1 IP command") If you want to be even more restrictive (or paranoid) change -p to ALL (choices are TCP, UDP, and ICMP (or ALL)...If you are trying to restrict incoming requests then you need to replace -d with -s for "Source". Be advised these commands might isolate you on the network if you happen to have an address within that subnet block depending on the order of your iptable rules. UFW can help out here as well...check it out 'man ufw'
|