On Wed, 24 Dec 2003, Ben Prince wrote: > I am running Redhat 7.3 and installed iptables from the > iptables-1.2.5-3.i386.rpm found on ftp.redhat.com . The problem I am having > is that I can't seem to DROP connections at all. > > I am using the following syntax > > $IPTABLES -A INPUT -s ip.address.he.re -j DROP This should drop connections destined for the machine running iptables, if it is a router you will need to drop the packets in the forward chain. Also the order of the rules matters, if you have an ACCEPT before the DROP then that will match first. tcpdump is very useful for debugging. You can also add a log rule at the top iptables -I will insert at the top... -- Andy Loukes http://www.navaho.co.uk Complete Appliance Technology
