[plug] blocking user from accessing the Internet

Jon Miller jlmiller at mmtnetworks.com.au
Fri Aug 31 15:17:21 WST 2007

Thanks Matt

Jon L. MIller
MMT Networks Pty Ltd
East Perth, WA 6004

-----Original Message-----
From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On Behalf
Of Matt Kemner
Sent: Friday, 31 August 2007 3:04 PM
To: plug at plug.org.au
Subject: Re: [plug] blocking user from accessing the Internet

Hi Jon

On Fri, 31 Aug 2007, quoth Jon Miller:

> Client wishes to have a certain user from accessing the Internet.  We use
> iptables, I used the following and still they can access the Internet what
> have I not done?

> Iptables - A INPUT -s -p tcp all -j DROP (I also tried
> neither worked.

You will no doubt get several responses to this, but...

use FORWARD instead of INPUT

INPUT and OUTPUT only affect traffic directly flowing in and out of the
firewall server itself.  FORWARD affects all traffic flowing through it.

Also (and this is probably a typo only in this email) you have a space
between "-" and "A" that should not be there

ie "iptables -A" not "iptables - A"

Kind Regards,

 - Matt Kemner           Perth:     Tel 08 9322 3444 Fax 08 9221 3444
  Penguin Care           Adelaide:  Tel 08 8311 1144 Fax 08 8311 1177
  Specialising in        Melbourne: Tel 03 8648 6644 Fax 03 8648 6677
  Linux & Business VoIP  Sydney:    Tel 02 8580 4488 Fax 02 8580 4477
  Mobile: 04 2022 3444   Brisbane:  Tel 07 3337 9988 Fax 07 3337 9977

PLUG discussion list: plug at plug.org.au
Committee e-mail: committee at plug.linux.org.au

More information about the plug mailing list