ip tables

Protecting your Linux box
rmira
Lance Naik
Posts: 22
Joined: Sat Dec 17, 2005 1:50 pm

ip tables

Post by rmira »

This is my iptables:
[root@hnet]# iptables -L
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 192.168.16.83 anywhere
DROP all -- 192.168.16.48 anywhere
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
I can't stop internet access for these 2 IPs (192.168.16.83 and 192.168.16.48).
What am I doing wrong? I use a transparent proxy, by Squid. Eth0 is internet and eth1 is LAN. I want to block Kazaa, eMule, and all P2P connections, because my bandwidth is slow. Please help me.
thanks
kbukhari
Major General
Posts: 1222
Joined: Sat Dec 31, 2005 12:29 am
Location: Lahore

Re: ip tables

Post by kbukhari »

rmira wrote: This is my iptables:
[root@hnet]# iptables -L
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 192.168.16.83 anywhere
DROP all -- 192.168.16.48 anywhere
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
I can't stop internet access for these 2 IPs (192.168.16.83 and 192.168.16.48).
What am I doing wrong? I use a transparent proxy, by Squid. Eth0 is internet and eth1 is LAN. I want to block Kazaa, eMule, and all P2P connections, because my bandwidth is slow. Please help me.
thanks
Squid is an HTTP proxy, and there is no chance Squid will deal with Kazaa etc.
You need to stop them at your firewall; with iptables, use policy-based NATing.
--
Syed Kashif Ali Bukhari
+92-345-8444420
http://sysadminsline.com
http://kashifbukhari.com
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear rmira,
Salam,

Use the iptables rules below. This will block access to the internet and allow the LAN.

# iptables -t nat -A PREROUTING -s 192.168.16.83 ! -d 192.168.16.0/24 -j DROP
# iptables -t nat -A PREROUTING -s 192.168.16.4 ! -d 192.168.16.0/24 -j DROP


Best Regards.
Farrukh Ahmed
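The same idea as the rules above, as an added example that is not from any poster in this thread: the original DROP rules in INPUT never matched because traffic the gateway routes for LAN hosts traverses FORWARD, not INPUT, and with a transparent proxy the HTTP part is REDIRECTed to Squid in nat/PREROUTING before FORWARD is reached. The script below assumes eth1 is the LAN on 192.168.16.0/24, that Squid's REDIRECT rule already sits in nat/PREROUTING, and that it is run as root; set IPT=echo to dry-run it without touching the firewall.

```shell
#!/bin/sh
# Constructed example: cut selected LAN hosts off from the internet on a
# Linux gateway that runs Squid as a transparent proxy.
# Assumed layout: eth1 = LAN 192.168.16.0/24, rules applied by root.
# IPT=echo prints the commands instead of applying them (dry run).
set -e
IPT="${IPT:-iptables}"
LAN_IF="${LAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.168.16.0/24}"
CHAIN="BLOCKED_HOSTS"   # hypothetical chain name

# Create the holding chain once and hook it in at the top of FORWARD, so it
# runs before the distro's RH-Firewall-1-INPUT jump whose RELATED,ESTABLISHED
# rule would otherwise keep already-open P2P sessions alive.
setup_chain() {
    $IPT -N "$CHAIN" 2>/dev/null || true   # ignore "chain already exists"
    $IPT -F "$CHAIN"
    $IPT -I FORWARD 1 -i "$LAN_IF" -j "$CHAIN"
}

# Block one host from everything outside the LAN.
block_host() {
    host="$1"
    # nat/PREROUTING is consulted before FORWARD. ACCEPT there means "no NAT
    # for this packet", so the host's web traffic is not REDIRECTed to Squid
    # and reaches FORWARD, where it is dropped together with everything else.
    $IPT -t nat -I PREROUTING 1 -i "$LAN_IF" -s "$host" ! -d "$LAN_NET" -j ACCEPT
    # Log a rate-limited sample of the blocked attempts so the gateway's
    # syslog shows which hosts keep trying, then drop all off-LAN traffic.
    $IPT -A "$CHAIN" -s "$host" ! -d "$LAN_NET" -m limit --limit 6/min \
        -j LOG --log-prefix "BLOCKED_HOST: "
    $IPT -A "$CHAIN" -s "$host" ! -d "$LAN_NET" -j DROP
}

# Usage: sh block_hosts.sh 192.168.16.83 192.168.16.48
if [ "$#" -gt 0 ]; then
    setup_chain
    for h in "$@"; do
        block_host "$h"
    done
fi
```

Run with no arguments it changes nothing, which is why the functions can be sourced and dry-run with IPT=echo first.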
rmira
Lance Naik
Posts: 22
Joined: Sat Dec 17, 2005 1:50 pm

block Kazza ,emule,Bittorent

Post by rmira »

Thanks for your iptables rules, they work for me.
Next, BitTorrent, eMule, and Kazaa: how do I control these P2P services, and how do I identify who is using P2P? I use nmap, but my users use firewalls, so nmap can't discover any port. Is there any solution? Which LAN scanner is best for detecting P2P ports?
kbukhari
Major General
Posts: 1222
Joined: Sat Dec 31, 2005 12:29 am
Location: Lahore

Re: block Kazza ,emule,Bittorent

Post by kbukhari »

rmira wrote: Thanks for your iptables rules, they work for me.
Next, BitTorrent, eMule, and Kazaa: how do I control these P2P services, and how do I identify who is using P2P? I use nmap, but my users use firewalls, so nmap can't discover any port. Is there any solution? Which LAN scanner is best for detecting P2P ports?
You can use iptstat -s on your gateway for watching requesters coming from clients.
--
Syed Kashif Ali Bukhari
+92-345-8444420
http://sysadminsline.com
http://kashifbukhari.com