search for: goodip

...ROP > iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP I'm not sure it's your INPUT table that needs that rule. I don't have any NAT machines for experimentation, but my initial hunch is that you'd want OUTPUT rules, e.g., iptables -A OUTPUT -p tcp --dport 22 -s ${GOODIP}/32 -j ACCEPT iptables -A OUTPUT -p tcp --dport 22 -s 10.0.0.0/24 -j REJECT -- Paul Heinlein heinlein at madboa.com 45?38' N, 122?6' W

Folks I'm struggling with my firewall settings, and would appreciate some help. I have a gateway machine (currently Centos 7 with IPV4 only) with two NICs. One is connected to the internet, the other to an internal network (10.0.0.0/24) of mixed hardware (windows7, android tablets, android phones, linux boxes) using NAT. I wish to block all outgoing connects to any external IP address