Dear all,

Sorry about my silly question here but I just can't figure out why it doesn't work. I have a net with 4 PCs connected with each other: 2 gateways and 2 clients. I try to set up some very simple rule on one of the gateway machines and somehow I can't get it to work. My network setup is like that:

C1 (137.112.220.166)
 |
 |
(137.112.220.165 = eth0)
G1
(192.168.10.2 = eth1)
 ||
 ||
(192.168.10.1 = eth1)
G2
(137.111.220.150 = eth0)
 |
C2 (137.111.220.156)

At the moment I just try to BLOCK all the outgoing traffic from C1 leaving G1's eth1. I add rules in G1's iptables, however I can't get it to work. I just try with ping. I try with a few different rules, it still allows the outgoing traffic from C1. I try like, at G1 iptables:

case1: iptables -A OUTPUT -j DROP
case2: iptables -A OUTPUT -s 137.112.220.165 -j DROP
case3: iptables -A INPUT -i 137.112.220.165 -s 137.112.220.165 -j DROP
case4: iptables -A OUTPUT -s ! 137.112.220.165 -j ACCEPT

Maybe I get confused about the chain. May I ask, when we add the rules to iptables of a gateway machine, like G1 here, are the rules applied to eth0 or eth1? When rules are added to OUTPUT, does that refer to "output from eth0 to internal network" or "output from eth1 to public network"?

Thanks very much for your advice
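Added example, not part of the original post, modelling which filter-table chain a packet traverses on a gateway like G1 (addresses and interfaces as in the post; the chain logic is a simplified version of the Linux netfilter packet flow, with nat/mangle hooks and connection tracking left out). It shows that traffic G1 merely routes from eth0 to eth1 never enters OUTPUT, so a rule meant to block C1's forwarded traffic belongs in FORWARD.

```python
# Added example, not from the original post: a minimal model of how a Linux
# gateway picks the filter-table chain (INPUT, OUTPUT or FORWARD) for a packet.
from dataclasses import dataclass

G1_LOCAL_ADDRS = {"137.112.220.165", "192.168.10.2"}  # G1's eth0 and eth1 (from the post)

@dataclass
class Packet:
    src: str
    dst: str
    in_iface: str = None   # None when G1 generated the packet itself
    out_iface: str = None  # None when G1 is the final destination

@dataclass
class Rule:                 # one "iptables -A <chain> [-s] [-i] [-o] -j <target>" line
    chain: str
    target: str             # "ACCEPT" or "DROP"
    src: str = None         # -s
    in_iface: str = None    # -i
    out_iface: str = None   # -o

def chain_for(pkt, local_addrs=G1_LOCAL_ADDRS):
    # Only locally generated packets see OUTPUT; routed-through traffic sees FORWARD.
    if pkt.src in local_addrs:
        return "OUTPUT"
    if pkt.dst in local_addrs:
        return "INPUT"
    return "FORWARD"

def matches(rule, pkt):
    return all(want is None or want == have for want, have in
               ((rule.src, pkt.src), (rule.in_iface, pkt.in_iface),
                (rule.out_iface, pkt.out_iface)))

def verdict(rules, pkt, policy="ACCEPT"):
    """First matching rule in the packet's chain wins, else the chain policy."""
    chain = chain_for(pkt)
    for rule in rules:
        if rule.chain == chain and matches(rule, pkt):
            return rule.target
    return policy

# "case1" from the post: drops only traffic that G1 itself originates.
CASE1 = [Rule("OUTPUT", "DROP")]
# Rule that blocks C1's traffic from leaving G1 via eth1; iptables equivalent:
#   iptables -A FORWARD -i eth0 -o eth1 -s 137.112.220.166 -j DROP
FORWARD_BLOCK = [Rule("FORWARD", "DROP", src="137.112.220.166",
                      in_iface="eth0", out_iface="eth1")]
# Ping from C1 to C2 as G1 sees it: enters on eth0, is routed out via eth1.
C1_TO_C2 = Packet("137.112.220.166", "137.111.220.156", "eth0", "eth1")
```

Running `verdict(CASE1, C1_TO_C2)` returns the ACCEPT policy because the forwarded ping never visits OUTPUT, while `verdict(FORWARD_BLOCK, C1_TO_C2)` returns DROP.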