I have a question with masquerade/ipchains
Debian "frozen" (2.2.16) (ipmasq 3.4.4)
I have static ip on eth0 18.104.22.168 (for example)
Local network eth1 192.168.2.0
Masquerading with standart debian configuration.
How i can block connecting from local network to some external ip ?
for example: blocking 192.168.2.0/24 connections to 22.214.171.124 ftp
I trying this:
ipchains -A output -s 192.168.2.0/24 0:65535 -d 126.96.36.199/32 21 -p tcp -l -j DENY
But local user still can connect to this ftp..
What is wrong in this rule ?
Sorry for newbie question, and for pure english