Switch the order of the lines around. Your packets are getting DROPPED before the ACCEPT can see them. <smile> John > Hi folks, > > I have a Linux box firewall (iptables 1.2.7a) with NAT/MASQUERADING. > How I can block all local network access to my firewall excluding some > local[John Friel III] IP addresses? > I tried these command but it doesn't work: > > /usr/local/sbin/iptables -A INPUT -i eth2 -s 10.105.105.0/24 -j DROP > /usr/local/sbin/iptables -A INPUT -i eth2 -s 10.105.105.20 -j ACCEPT >
