Blocking port 80 for specific ip addresses
Peter Hicks
peter@libation.com
Tue, 18 Dec 2001 08:41:55 -0800
On Tuesday 18 December 2001 09:30, William L. Childers wrote:
> All,
>
> I have a dual-homed firewall with NATing turned on. I currently have
> these rules in my script.
> What would be the reason that the IP address would still be able to get
> HTTP traffic?
> #
> #########################################################################
> #
> # HTTP
> #
> #
> #########################################################################
> #
> $IPT -A FORWARD -p tcp -s 192.168.100.1 -d 0.0.0.0/0.0.0.0 --dport 80 --sport 80 -j DROP
>
> Any assistance would be appreciated.
>
> Thank you,
> William L. Childers
If you are trying to stop 192.168.100.1 from viewing web traffic, you have to
change the source port from 80 to 1024:65535.
-Peter
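
Why the quoted rule never fires, as an added example that is not part of the original thread: a browser on 192.168.100.1 sends from an ephemeral source port to destination port 80, so `--sport 80 --dport 80` does not match its packets. The shell model below (function names and sample packets are constructed for illustration; it models only the port tests and assumes protocol and source address already match) compares the original rule, the 1024:65535 variant, and a rule that omits `--sport`, which also covers source ports below 1024.

```shell
#!/bin/sh
# Added example: models iptables --sport/--dport matching for outbound HTTP.

# port_in_spec PORT SPEC -> success if PORT satisfies SPEC.
# SPEC is "" (option omitted: any port), "N", or "LO:HI".
# As in iptables, an omitted LO means 0 and an omitted HI means 65535.
port_in_spec() {
    port=$1
    spec=$2
    [ -z "$spec" ] && return 0
    case $spec in
        *:*) lo=${spec%%:*}; hi=${spec##*:} ;;
        *)   lo=$spec; hi=$spec ;;
    esac
    lo=${lo:-0}
    hi=${hi:-65535}
    [ "$port" -ge "$lo" ] && [ "$port" -le "$hi" ]
}

# verdict SPORT_SPEC DPORT_SPEC PKT_SPORT PKT_DPORT
# Prints DROP when both port tests match; otherwise ACCEPT (assumption:
# the packet falls through to a permissive FORWARD policy).
verdict() {
    if port_in_spec "$3" "$1" && port_in_spec "$4" "$2"; then
        echo DROP
    else
        echo ACCEPT
    fi
}

# Constructed packets from 192.168.100.1 to a web server: "sport dport".
demo() {
    for pkt in "49152 80" "1023 80"; do
        set -- $pkt
        echo "sport=$1 dport=$2:" \
             "original=$(verdict 80 80 "$1" "$2")" \
             "ephemeral=$(verdict 1024:65535 80 "$1" "$2")" \
             "no-sport=$(verdict '' 80 "$1" "$2")"
    done
}
demo
```

On a live firewall, the packet counters shown by `iptables -L FORWARD -v -n` indicate whether a rule is matching any traffic.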