On Tue, 20 Feb 2001, Kirk wrote:
> Im at a loss, Im trying to block web access to one machine on our local
> network using IPCHAINS. This machine still seems to be able to access the
> net with a browser. I dont want to block everything, there is some work
> software that still needs access along with email and such, just block port
> 80. Here is the rule in my firewall:
> /sbin/ipchains -I input -p tcp -s 172.16.0.6 -d 0.0.0.0/24 80 -j REJECT
> also tried
> /sbin/ipchains -I input -p tcp -s 172.16.0.6 -d 0.0.0.0 80 -j DENY
>
> no luck yet.
> Any idea where i'm off?
>
> Thanks in advance,
> Kirk
>
Try:
/sbin/ipchains -I input -p tcp -s 172.16.0.6 -d 0.0.0.0/0 80 -j REJECT
0.0.0.0/0 matches any IP. 0.0.0.0/24 only matches 0.0.0.*, if I
remember right, and 0.0.0.0 doesn't match anything.
You should also be able to do something like:
/sbin/ipchains -I input -p tcp -s 172.16.0.6 \
--destination-port 80 -j REJECT
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with ketchup.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
