I'm using the default setup of potato's ipmasq package between my public eth0 and private eth1 interfaces. How to change it to deny a public service to an unfriendly network?
I've looked through the files in /etc/ipmasq/rules, and I90external.def looks about right for additions like: $IPCHAINS -A input -j DENY -i $i \ -l -p all -s $idiots --destination-port $port (as I90external.rul). But I'm never too sure about my script (or man page)reading skills. Is there a better way to do this? Do I need to make changes elsewhere, too? TIA! Tod abl.com
