allow / deny clients

varun_saa at vsnl.net
Sat Apr 30 07:33:53 CEST 2005


Hello

My server is on Mandrake 10.1
eth0 is WAN with static IP connected to 512K DSL.
eth1 is LAN - 192.168.0.0/24.

I am doing a masq/nat on eth0 as follows:

# Generated by iptables-save v1.2.9 on Tue Apr 26 14:50:01 2005
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE


My subnets are as follows :

192.168.0.0/24
192.168.21.0/24

I would like to allow / deny access to the net to clients
based on : 

1. client IPs.

or

2. client IP + MAC

What kind of rules to write?

Do you start with blocking all IPs
and then write the allow rules ?

Or directly write filtering rule
and automatically others will be
rejected?

Thanks

Varun
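
The first option asked about (block everything, then add allow rules), as an added example that is not part of the original post: a script that turns a client allowlist into an iptables-restore filter table with a FORWARD policy of DROP and one ACCEPT rule per client, by IP or by IP + MAC. The eth0/eth1 roles come from the post; the function names, allowlist format and sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. eth1 = LAN and eth0 = WAN as in
# the post; the allowlist entries are constructed sample values.

# Constructed sample allowlist: "<ip>" or "<ip> <mac>" per line.
sample_allowlist() {
cat <<'EOF'
# office PCs
192.168.0.10
192.168.0.11 00:11:22:33:44:55
192.168.21.5
not-an-ip
EOF
}

# Read an allowlist on stdin, print an iptables-restore filter table.
gen_filter_rules() {
    echo '*filter'
    echo ':INPUT ACCEPT [0:0]'       # traffic to the server itself: unchanged
    echo ':FORWARD DROP [0:0]'       # default deny: unlisted clients get nothing
    echo ':OUTPUT ACCEPT [0:0]'
    # Return traffic for connections that an allowed client opened.
    echo '-A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT'
    while read -r ip mac rest; do
        case "$ip" in ''|'#'*) continue ;; esac   # blank lines and comments
        # Shape check only; a malformed entry is skipped, so it stays blocked.
        if [ -n "$rest" ] || ! printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
            echo "skipped (stays blocked): $ip" >&2
            continue
        fi
        if [ -z "$mac" ]; then
            # Option 1 from the post: allow by client IP.
            echo "-A FORWARD -i eth1 -o eth0 -s $ip -j ACCEPT"
        elif printf '%s\n' "$mac" | grep -Eiq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'; then
            # Option 2 from the post: allow only when IP and MAC both match.
            echo "-A FORWARD -i eth1 -o eth0 -s $ip -m mac --mac-source $mac -j ACCEPT"
        else
            echo "skipped (stays blocked): $ip $mac" >&2
        fi
    done
    echo 'COMMIT'
}

# Print the ruleset for the sample list; pipe into iptables-restore to load it.
sample_allowlist | gen_filter_rules
```

The mac match compares the Ethernet source address of the frame as it arrives on eth1, so a client that reaches the server through another router shows that router's MAC, not its own. An address pair is also only as trustworthy as the LAN, since both IP and MAC can be set by the client.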
