iptables Bastille not blocking

Discussion in 'General' started by wpwood3, Jan 27, 2008.

  1. wpwood3

    wpwood3 New Member

    I'm trying to do some local testing with iptables and am having a problem...

    My ISPConfig server is on 10.0.0.6
    My laptop is on 10.0.0.21

    I want to block all access from my laptop to my ISPConfig server.

    I entered these commands on my ISPConfig server:
    Code:
     
    iptables -A INPUT -s 10.0.0.21 -j DROP
    iptables -A OUTPUT -d 10.0.0.21 -j DROP
    
    When I do "iptables -L" I can clearly see the new rules are there.

    The problem is that I can still access the server from my laptop. iptables is not blocking anything.
    What am I missing?
    :confused:
     
  2. wpwood3

    wpwood3 New Member

    I figured it out...

    You have to use -I instead of -A
    Like this:
    Code:
    iptables -I INPUT -s 10.0.0.21 -j DROP
    iptables -I OUTPUT -d 10.0.0.21 -j DROP
    
    Using -I puts the rule at the top of the list so it gets processed first and cannot be overridden by later rules.
     
