"Philipp Snizek"
hi!
ok. i tried it with < ipchain -A forward -d xxx.yyy.zzz.xxx -j DENY > and with < ipchains -I output 1 -d xxx.yyy.zzz.xxx -j DENY >
..and I can see with ipchains -L that the rules are working, but I still have access to the restricted domain from the clients... :-(
What could be wrong...?
is the order of your rules correct? This specific deny rule you put *before* the accept rules.
"ipchains -I input 1 ..." puts the rule in the first place. So there is no other rule *before* this one. Martin -- martin.peikert@innominate.com innominate AG the linux architects tel: +49-30-308806-0 fax: -77 http://www.innominate.com