HI I know how to block messenger all users on the network using iptables, but how I could only block some users to use them?

this is the way that I could block all

iptables -A FORWARD -p TCP --dport 1863 -j REJECT
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT


I was trying to block them all, and only give access to some of them. Like this:

iptables -A FORWARD -p TCP --dport 1863 -j REJECT
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT
iptables -A FORWARD -p tcp -s 10.10.10.31 --dport 1863 -j ACCEPT
iptables -A FORWARD -p tcp -s 10.10.10.12 --dport 1863 -j ACCEPT


Does someone could help me with an example?

Hi there!

Remember that when talking about iptables, the order of the rules really matters. The system will inspect the traffic against the first rule, if it's rejected no more rules will be inspected.

Just try to switch the lines and give it a shot, if that doesn't work try to add also a line for the 64.4.13 network as a permitted destination.

iptables -A FORWARD -p tcp -s 10.10.10.31 --dport 1863 -j ACCEPT
iptables -A FORWARD -p tcp -s 10.10.10.12 --dport 1863 -j ACCEPT
iptables -A FORWARD -p TCP --dport 1863 -j REJECT
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT

Hope it helps!