iptables -
Bob Goodwin
bobgoodwin at wildblue.net
Mon Feb 8 22:36:46 UTC 2016
On 02/08/16 17:24, Mike Wright wrote:
> On 02/08/2016 02:10 PM, Bob Goodwin
> wrote:
>>
>> Can someone give me an example [for
>> my router] of the iptables code
>> needed to prevent 192.168.1.17 from
>> connecting to the internet while
>> keeping normal LAN access?
>
> Hi Bob,
>
> Decided lack of info to go on but this
> will accomplish that.
>
> If you just want the internet to be
> "non-existent" WRT 192.168.1.17 the
> easiest way is to DROP all traffic
> between them.
>
> Let eth0 be the internet connected
> network card.
>
> iptables -t filter -A INPUT -i eth0 -d
> 192.168.1.17 -j DROP
> iptables -t filter -A OUTPUT -o eth0
> -s 192.168.1.17 -j DROP
>
>
That helps, I had a router on the shelf
that I decided to try openwrt on, it
works slick but it doesn't have some of
the access control features of Tomato
and DD-WRT that I am accustomed to and
requires adding code to iptables which
is really beyond my skill level ... But
I intend to give it a try.
Thanks to you and Richard,
Bob
--
Bob Goodwin - Zuni, Virginia, USA
http://www.qrz.com/db/W2BOD
box10 FEDORA-23/64bit LINUX XFCE POP3
More information about the users
mailing list