block internet for one client

[santoshdj123]

Hi
I want to block internet service for one client having ip 192.168.1.2. how should i do that through iptables.
And also how to close ports on windows 2000 os. can i do that from my linux server. win 2k pro. is my client machine.

 

[thedaver]

iptables -A FORWARD -s 192.168.1.2/255.255.255.0 -d 0.0.0.0 -j DROP

Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.

http://www.surfinbox.com/business/

 

[santoshdj123]

Thanks thedaver,

I forget to mention one thing that i am using NATing on my server.
i.e.
#iptables -F
#iptables -t nat -F POSTROUTING
#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo "1">/proc/sys/net/ipv4/ip_forward
And now as per u i added one line.
#iptables -A FORWARD -s 192.168.1.2/255.255.255.0 -d
0.0.0.0 -j DROP

but this is not working.
Waiting for your responce...

Santosh

 

[thedaver]

I see your use of the "#" character at the beginning of the line. This renders the instruction as a comment and it is ignored by the command shell. Does this appear this way in your rules file or is it a function of your cut-and-paste?



Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.

http://www.surfinbox.com/business/

 

[santoshdj123]

I used # pormpt in my post to denote the super user prompt.

 

[danandita]

#iptables -t nat -I POSTROUTING -s 192.168.1.2/255.255.255.0 -d 0/0 -j DROP


regards,

Darmawan W. Anandita CCNA
Network/System Consultant