On Wednesday 07 May 2003 14:05, Walter Priesnitz Filho wrote: > Hi, > I have this environment, a subnetwork (192.168.0.0) that access another > subnetwork (192.168.59.0) and then access the internet. The second lan has > a proxy server (squid:3128). > I need to block the requests in th first lan to the squid server to some > sites. How can I do this? > I've tried this > iptables -A FORWARD -p tcp -m multiport --dport 80,443,3128 -d > www.someplace.com -j DROP > but doesn't work. > Can anybody help-me? why don't use OUTPUT/INPUT chain? you disable output/input from the lan to your firewall (so squid doesn't get requests) bye xchris
