On Wednesday 06 November 2002 7:14 pm, Carlos.facanha wrote:

> I have a Linux box used as NAT server and firewall. All requests on its
> port 80 are forwarded to a local webserver inside my network. I want to
> block access to all services including http from a specific external host.

Note your (correct) use of the word "forwarded" in the above paragraph.

> I'm using the following rule to block the host
>
> iptables -A INPUT -i $extint -s $hostip -j DROP

Note your (incorrect) use of the word "INPUT" in the above rule.

Change the rule to the FORWARD chain and it should do what you want.

Antony.

--
Documentation is like sex: when it's good, it's very very good; when it's bad, it's still better than nothing.
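
Added example, not part of the original message: a simplified Python model of how netfilter picks the filter chain for an inbound packet, showing why the DROP rule in INPUT never sees the port-80 traffic and the same rule in FORWARD does. All addresses and function names are constructed for illustration; the model ignores interface matching, rule order and chain policy.

```python
# Simplified model of netfilter chain selection for one inbound packet.
# All addresses are constructed sample values (documentation/private ranges).
from dataclasses import dataclass, replace

FIREWALL_IP = "203.0.113.1"    # external address of the NAT box (constructed)
WEBSERVER_IP = "192.168.1.10"  # web server inside the network (constructed)
BLOCKED_HOST = "198.51.100.7"  # external host to be blocked (constructed)


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


def prerouting_dnat(pkt):
    """nat/PREROUTING: port 80 on the firewall is rewritten to the web server."""
    if pkt.dst == FIREWALL_IP and pkt.dport == 80:
        return replace(pkt, dst=WEBSERVER_IP)
    return pkt


def filter_chain_for(pkt):
    """Routing decision after PREROUTING: local delivery -> INPUT, else FORWARD."""
    return "INPUT" if pkt.dst == FIREWALL_IP else "FORWARD"


def verdict(pkt, drop_rules):
    """drop_rules is a set of (chain, source) pairs, each standing for
    '-A <chain> -s <source> -j DROP'. Returns (chain traversed, verdict);
    packets that match no rule are accepted in this model."""
    pkt = prerouting_dnat(pkt)
    chain = filter_chain_for(pkt)
    return chain, ("DROP" if (chain, pkt.src) in drop_rules else "ACCEPT")


if __name__ == "__main__":
    http = Packet(BLOCKED_HOST, FIREWALL_IP, 80)  # forwarded to the web server
    ssh = Packet(BLOCKED_HOST, FIREWALL_IP, 22)   # service on the firewall itself
    for rules in ({("INPUT", BLOCKED_HOST)}, {("FORWARD", BLOCKED_HOST)}):
        print(sorted(rules), "http:", verdict(http, rules), "ssh:", verdict(ssh, rules))
```

The port-22 packet in the model is addressed to the firewall itself, so it still traverses INPUT; only the DNATed port-80 traffic is decided in FORWARD.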