iptables: blocking network access for certain UIDs gives error.

kmartin no-reply-gw at fcp.homelinux.org
Tue Jul 18 04:10:55 UTC 2006


wow it works. that -D was the initial problem. i figured what i was typing would MAKE the rule. was guessing -D was for disallow or something...

so the rule was added but then when i logged in as that user, after entering the password it would hang for around 5 minutes before showing the desktop! i removed the rule w/ -D and it logged in fine. since the redhat notification icon couldn't connect to the internet, i removed that, then -A the rule. still hung. soooo as Tim wrote:


> I wouldn't DROP the packet (which will keep the other end waiting for a timeout), I'd REJECT the packet. It still stops them from connecting, but instantly telling them
> it isn't going to work. Hint, use REJECT rather than DROP, to do this.


i just tried -DROP and that part of the problem was solved.

it is now saved and works after rebooting too. awesome. i'm not sure which save command made it work after all this.


many thanks to all of you. your help has been invaluable.



kim



-- 
This is an email sent via the webforum on http://fcp.homelinux.org
http://fcp.homelinux.org/modules/newbb/viewtopic.php?post_id=100380&topic_id=23936&forum=23#forumpost100380
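
Added example, not part of the original post: a small shell helper for the per-UID block discussed in this thread, using REJECT rather than DROP as Tim advises, and showing that -A appends a rule while -D deletes it. The thread does not show the exact rule, so the `owner` match on the OUTPUT chain, the function names and the `DRY_RUN` variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original thread). Per-user outbound block using
# the iptables "owner" match, with REJECT so the blocked user's connections
# fail at once instead of waiting out a timeout as they do with DROP.
# Assumption: function names and DRY_RUN are invented for this example.

# Print the numeric UID for a user name or a numeric UID; fail if unknown.
resolve_uid() {
    case "$1" in
        ''|*[!0-9]*) id -u "$1" 2>/dev/null ;;   # user name: look it up
        *) printf '%s\n' "$1" ;;                  # already numeric
    esac
}

# Build the iptables command line for one operation.
#   $1 = add | remove    $2 = user name or UID
# -A appends the rule; -D deletes the matching rule (it does not mean "deny").
uid_rule_cmd() {
    case "$1" in
        add)    op=-A ;;
        remove) op=-D ;;
        *) echo "usage: uid_rule_cmd add|remove USER" >&2; return 2 ;;
    esac
    uid=$(resolve_uid "$2") || { echo "unknown user: $2" >&2; return 1; }
    printf 'iptables %s OUTPUT -m owner --uid-owner %s -j REJECT\n' "$op" "$uid"
}

# Print the command when DRY_RUN=1 (the default); run it otherwise (needs root).
apply_uid_rule() {
    cmd=$(uid_rule_cmd "$1" "$2") || return $?
    if [ "${DRY_RUN:-1}" = 1 ]; then
        printf '%s\n' "$cmd"
    else
        $cmd    # unquoted on purpose: split into iptables and its arguments
    fi
}
```

Source the file and call `apply_uid_rule add USER` to review the command first; set `DRY_RUN=0` as root to apply it, and use `remove` with the same user to delete the rule again.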



