hi. i've never posted/reg here before but have lurked for quite awhile. i need to block internet access for a couple UIDs. found and a bit of an older thread on this site [url=http://fcp.homelinux.org/modules/newbb/viewtopic.php?topic_id=23058]here[/url]. this is basically what i want to do too but i'm using FC4 and the original post refers to FC3 - not sure if that has anything to do with it. so i'm executing: [b] iptables -D OUTPUT -m owner --uid-owner 502 --jump DROP[/b] but i keep getting: [b]"Bad rule (does a matching rule exist in that chain?)" [/b] here is the output of [font=Verdana]iptables --list[/font]: > Chain FORWARD (policy ACCEPT) > target prot opt source destination > RH-Firewall-1-INPUT all -- anywhere anywhere > > Chain INPUT (policy ACCEPT) > target prot opt source destination > RH-Firewall-1-INPUT all -- anywhere anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > Chain RH-Firewall-1-INPUT (2 references) > target prot opt source destination > ACCEPT all -- anywhere anywhere > ACCEPT icmp -- anywhere anywhere icmp any > ACCEPT ipv6-crypt-- anywhere anywhere > ACCEPT ipv6-auth-- anywhere anywhere > ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353 > ACCEPT udp -- anywhere anywhere udp dpt:ipp > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > REJECT all -- anywhere anywhere reject-with > icmp-host-prohibited i checked in [b]ntsysv[/b] and iptables is selected to run at startup. just for the heck of it, i ran [b]iptables--save[/b]. the command does update my [b]/etc/sysconfig/iptables[/b] file stating current date and time for last modified but adds nothing to the file. i have not modified iptables.config in any way. do either/or NetworkManager or NetworkManagerDisbatcher services need to be running for this? i'm sure lots of people are already doing this. any help would be greatly appreciated!!! -- This is an email sent via the webforum on http://fcp.homelinux.org http://fcp.homelinux.org/modules/newbb/viewtopic.php?post_id=100170&topic_id=23936&forum=23#forumpost100170 -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list