Salam Im trying own my home box (standalone) which is directly connected with net via ppp0 (dialup). I got a three user accounts on this box only for practice purpose. Now im trying to block a site www.foo.com for users excluding user "askar" with something like.... #iptables -A OUTPUT -p tcp --dport 80 -d www.foo.com -j DROP this works for all users however when I tries to exclude user "askar" from this blocking with... #iptables -A OUTPUT -p tcp --dport 80 -d www.kmmod.com -m owner --uid-owner askar -j ACCEPT site is still block for user "askar", i also tried with changing the other of the rules no working :), Howto exclude "askar" ? my default chain polices ... Chain INPUT (policy ACCEPT) Chain FORWARD (policy ACCEPT) Chain OUTPUT (policy ACCEPT) Regards Askar