Iptables > Block Internet Access to a LAN Computer.
by kj6eo from LinuxQuestions.org on (#5GD0D)
Hello and thanks for reading my post. I'm running an Ubuntu Server (v18.01) with Iptables (v1.6.1) here at home. It provides a whole host of services to my LAN computers. This question pertains to my Iptables Firewall. I'm trying to stop internet access to one of the computers on my LAN. So far, I haven't been able to achieve this. The following code works, but stops all LAN computers from accessing the internet:
Code:iptables -I OUTPUT 1 ! -s 192.168.1.14 -d 192.168.1.0/24 -j DROPI also tried: (doesn't work at all)
Code:iptables -A OUTPUT -s 192.168.1.14 -j DROPUntil now, I've just let everything out:
Code:iptables -A OUTPUT -p all -s $LO_IP -j ACCEPT
iptables -A OUTPUT -p all -s $LAN_IP -j ACCEPT
iptables -A OUTPUT -p all -s $INET_IP -j ACCEPTAs you can see, the IP of the LAN computer I want to deny internet access is 192.168.1.14. These OUTPUT rules that I have tried were placed below the 3 OUTPUT rules listed above. I must be overlooking
something that's causing it not to work.
Any suggestions you might have would be appreciated.
Code:iptables -I OUTPUT 1 ! -s 192.168.1.14 -d 192.168.1.0/24 -j DROPI also tried: (doesn't work at all)
Code:iptables -A OUTPUT -s 192.168.1.14 -j DROPUntil now, I've just let everything out:
Code:iptables -A OUTPUT -p all -s $LO_IP -j ACCEPT
iptables -A OUTPUT -p all -s $LAN_IP -j ACCEPT
iptables -A OUTPUT -p all -s $INET_IP -j ACCEPTAs you can see, the IP of the LAN computer I want to deny internet access is 192.168.1.14. These OUTPUT rules that I have tried were placed below the 3 OUTPUT rules listed above. I must be overlooking
something that's causing it not to work.
Any suggestions you might have would be appreciated.