netfilter-bounces@xxxxxxxxxxxxxxxxxxx wrote: > Hi, > > does anyone know how to limit the IP connection from going out to > internet? > > example: > LAN: 192.168.0.0/24 > > but im only want to give 10 IP's go out to internet You can: - if these IP's are random in 192.168.0.0/24, put 10 rules in place which each describe which 192.168 ip can be forwarded. $ipt -A FORWARD -s 192.168.x.x [...] -j ACCEPT ... - if these IP's form a range in 192.168.0.0/24, use the range match to describe a range of ip's that can be forwarded. However, the range match is in POM-ng so you'll have to check if your install supoprts it. http://www.netfilter.org/projects/patch-o-matic/pom-base.html#pom-base-i prange Gr, Rob
