rickh 03-04-2008 09:21 AM

Add temporary rule to Iptables
I don't have extreme needs for a Firewall. I have the hardware firewall on my router, backed up by Firestarter. My iptables rules are set up by Firestarter. This is an excerpt from "# iptables -L -n"

Chain INBOUND (1 references)
target    prot opt source              destination       
ACCEPT    tcp  --            state RELATED,ESTABLISHED
ACCEPT    udp  --            state RELATED,ESTABLISHED
ACCEPT    all  --         
ACCEPT    tcp  --            tcp dpts:6696:6699
ACCEPT    udp  --            udp dpts:6696:6699
LSI        all  --  

For the current session only, I wish to also block a specific IP address ( I assume that I can do that using the iptables command to add the rule, but...

debian64:~# iptables -A INBOUND DROP      all  --            anywhere
Bad argument `DROP'
Try `iptables -h' or 'iptables --help' for more information.

debian64:~# iptables -h
iptables v1.4.0

Usage: iptables -[AD] chain rule-specification [options]

What am I doing wrong?

acid_kewpie 03-04-2008 09:25 AM

Well, that's not an iptables command... that's you copying the verbose output and pasting it back in... big mistake!

iptables -A INPUT -s -j DROP

Also note that if that was a valid command, you would be blocking which is identical to i.e. *everything*!

rickh 03-04-2008 09:29 AM

It's not really I wish to block, I just put those numbers in as an example. Thanks for the advice, I'll try doing it correctly.

Edit: Amazing how easy it is if you know what you're doing. Thanks again.

acid_kewpie 03-04-2008 11:10 AM

Well yes of course, but I meant that == == everything
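
An added example, not part of any post in this thread: a POSIX shell helper that prints the command for a runtime-only DROP rule on one source address, plus the matching delete command, and refuses a source with a zero-length mask or text pasted from `iptables -L` output such as `anywhere`. The address 203.0.113.45 and the function names `valid_source` and `rule_cmd` are constructed for illustration.

```shell
#!/bin/sh
# Added example, not code from the thread. It only prints commands; run the
# printed line as root to apply it. Rules added this way are not saved, so
# they last until the ruleset is reloaded or the machine reboots.

# valid_source ADDR[/PREFIX]: accept one IPv4 address with an optional prefix
# length of 1..32. A zero-length prefix is refused: it matches every source.
valid_source() {
    case $1 in
        */*) vs_addr=${1%%/*}; vs_prefix=${1#*/} ;;
        *)   vs_addr=$1; vs_prefix=32 ;;
    esac
    case $vs_prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$vs_prefix" -ge 1 ] && [ "$vs_prefix" -le 32 ] || return 1
    case $vs_addr in ''|*[!0-9.]*|*.) return 1 ;; esac
    vs_ifs=$IFS; IFS=.
    set -- $vs_addr          # split into octets; only digits and dots remain
    IFS=$vs_ifs
    [ $# -eq 4 ] || return 1
    for vs_octet in "$@"; do
        case $vs_octet in ''|????*) return 1 ;; esac
        [ "$vs_octet" -le 255 ] || return 1
    done
    return 0
}

# rule_cmd ACTION CHAIN SRC: print the command that adds (block) or deletes
# (unblock) a DROP rule for SRC. Prints nothing and fails on bad input.
rule_cmd() {
    case $2 in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
    valid_source "$3" || return 1
    case $1 in
        # -I CHAIN 1 inserts at the top: rules are checked in order, so an
        # appended (-A) DROP would sit behind the chain's ACCEPT rules.
        block)   echo "iptables -I $2 1 -s $3 -j DROP" ;;
        unblock) echo "iptables -D $2 -s $3 -j DROP" ;;
        *)       return 1 ;;
    esac
}

# Constructed sample address (RFC 5737 documentation range).
SAMPLE_SRC=203.0.113.45
rule_cmd block INBOUND "$SAMPLE_SRC"
rule_cmd unblock INBOUND "$SAMPLE_SRC"
rule_cmd block INBOUND "$SAMPLE_SRC/0" || echo "refused: $SAMPLE_SRC/0" >&2
```

The chain name is passed in because the listing in the question uses Firestarter's `INBOUND` chain while the reply uses the built-in `INPUT` chain.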

