Re: Blocking incoming IP address immediately

From: Jeff Franks (jfranks1970_at_charter.net)
Date: 11/30/04 

Date: Tue, 30 Nov 2004 15:29:29 -0600

SUCCESS!!!!!!

Man, I feel like such a noob. Thanks for all the help guys, but I was doing
everything right, except I was trying to block him in the INPUT table rather
than the FORWARD table. The game is on a seperate server, so it's obviously
the wrong thing to do....grrrr. live and learn

Thanks again for all the help. I love NG's.

jf

"Jeff Franks" <jfranks1970@charter.net> wrote in message
news:oN%qd.1929$rC.904@fe39.usenetserver.com...
> omg....i'm an idiot.
>
> That explains a LOT of things I've ran into during this. geez, you'd
> think I'da seen that one coming.
>
> I'll give that a try and let you know. Thanks for the help!
>
> jf
>
> "Nico Declerck" <Nico.Declerck@UGent.be> wrote in message
> news:cohsom$r59$1@gaudi2.UGent.be...
>> Jeff Franks wrote:
>>
>>>> Just one question to be on the safe side... The iptables-firewall and
>>>> the
>>>> "Roger Wilco" game are one and the same machine??? right?
>>>
>>> No the iptables firewall is on a stand-alone RedHat 9 server. It's only
>>> function right now is to provide NAT and a firewall for my internal LAN.
>>> The game and the Roger Wilco are on a seperate server and the ports are
>>> forwarded in to it. That, by the way, is working like a champ. The
>>> game
>>> is
>>> up and the RW is working fine. My only issue is how to block specific
>>> IP
>>> addresses on the fly without effecting the other connections.
>>
>> What I don't understand then is why you try to block them in the
>> INPUT-chain.... You should try the FORWARD chain...
>>
>> The INPUT chain is used strictly for processes that run on your firewall,
>> if
>> the game server is another machine, the packets will go through the
>> FORWARD
>> chain, even if the firewall has to perform NAT.
>>
>> prompt
>>
>
>
>

Relevant Pages

  • Re: Blocking incoming IP address immediately
    ... >> function right now is to provide NAT and a firewall for my internal LAN. ... >> The game and the Roger Wilco are on a seperate server and the ports are ... > The INPUT chain is used strictly for processes that run on your firewall, ...
    (comp.os.linux.security)
  • Re: IP tables help
    ... Did you note the last line in the INPUT chain? ... The firewall will not accept anything not listed in the first two lines ... of the INPUT chain regardless of the default policy because the ... >> from local lan. ...
    (RedHat)
  • RE: IP tables help
    ... Did you note the last line in the INPUT chain? ... The firewall will not accept anything not listed in the first two lines ... of the INPUT chain regardless of the default policy because the ... -- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe ...
    (RedHat)
  • Re: iptables strange problem
    ... are you just using these rules to firewall an individual computer? ... network firewall, or else none of the machines on the other ... through the INPUT chain ... active connection ...
    (comp.os.linux.networking)
  • Re: iptables redirect
    ... I'd like to open a port on my firewall to redirect to a testing web server ... $SONY is my destination machine, and I'd like to have the connection opened ... The problem is that the packets to be forward has to be ... through the INPUT chain before they even reach the FORWARD one. ...
    (Ubuntu)
Quantcast