I'm not sure blocking the input chain would resolve the problem.
iptables doesn't work the same way as ipchains. In iptables input and output are used to where iptables live and forward to the subnet behind the firewall.
You could block all the ports and them open the one you want to use (i.e 80 http, 53 dns etc) this is the most secure way to proceed but if your subnet is running lots of different application it could be difficult to set up.
Maybe you can do something with the mangle table, i don't know.
If you don't find the answer on this list try the netfilter archive list and current one.
Cheers
-----Original Message-----
From: Jeff [mailto:jcoppock1@attbi.com]
Sent: 19 November 2002 17:26
To: Fadel
Cc: debian user list
Subject: Re: Blocking Kazaa with iptables
Fadel, 2002-Nov-19 13:13 -0300:
> Hi there,
>
> I got a trouble in my network while trying to block Kazaa.
> I tried to drop port 1214 with this rule:
>
> iptables -A FORWARD --dport 1214 -j DROP
>
> but this doesn't work. so I did sniffing to see what kind of packets
> and ports kazaa uses and I saw that it searches for servers in
> different ports. later, I read in various texts around the net, but
> all recommend to block port 1214 and kazaa site. this probably worked
> in version 1.
>
> how could I block kazaa, since I need accept connections in high
> ports?
>
> sorry for the bad english.
Have you tried blocking on the INPUT chain? That's where'd I'd put that rule.
jc
--
Jeff Coppock Systems Engineer
Diggin' Debian Admin and User
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org