Old hat, but remember that you can drop single rules by chain with this:

iptables -L CHAIN -n --line-numbers

(iptables -L lists all the chain names.) This is also handy to check that you are not dropping things before you have added your rule to the chain!

iptables -D CHAIN rule#

To add one in position 1 in the chain (INPUT here):

iptables -I INPUT 1 -s ip.ad.dr.ess -j DROP

To delete it by number, first (trust, but verify) ....

iptables -n --list --line-numbers

Then delete :-)

iptables -D INPUT 1
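Deleting by number is only safe if the number you read is the rule you mean, and the numbers shift after every deletion. As an added example (not from the original post), the script below parses a constructed sample of `iptables -L INPUT -n --line-numbers` output, looks up the rule number for a given target and source, and emits the `iptables -D` command only when exactly one rule matches; the chain contents and addresses are made up, and the function names are this example's own.

```shell
#!/bin/sh
# Constructed sample of `iptables -L INPUT -n --line-numbers` output; not captured from a real host.
# Columns: num target prot opt source destination [match details]. The prot column shows
# names on iptables-legacy and numbers on iptables-nft, so only num, target and source are used.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  203.0.113.7          0.0.0.0/0
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3    DROP       all  --  198.51.100.0/24      0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22'

# rule_numbers_for LISTING TARGET SOURCE
# Print the rule numbers whose target and source columns match exactly.
# Header lines are skipped by requiring a numeric first column.
rule_numbers_for() {
    printf '%s\n' "$1" | awk -v tgt="$2" -v src="$3" '
        $1 ~ /^[0-9]+$/ && $2 == tgt && $5 == src { print $1 }'
}

# delete_command_for LISTING CHAIN TARGET SOURCE
# Emit the exact `iptables -D CHAIN N` for the single matching rule.
# Fail (return 1, print nothing) on zero or several matches: after one deletion
# the remaining numbers shift, so re-list before deleting the next one.
delete_command_for() {
    nums=$(rule_numbers_for "$1" "$3" "$4")
    count=$(printf '%s\n' "$nums" | grep -c . || true)
    [ "$count" -eq 1 ] || return 1
    printf 'iptables -D %s %s\n' "$2" "$nums"
}

# Example run against the constructed listing (prints "iptables -D INPUT 1").
delete_command_for "$SAMPLE_LISTING" INPUT DROP 203.0.113.7
```

On a live host, feed it the real listing with `delete_command_for "$(iptables -L INPUT -n --line-numbers)" INPUT DROP 203.0.113.7`, check the printed command, then run it; the refusal on ambiguous matches is what stops a script from deleting the SSH ACCEPT rule that happened to inherit the number you noted earlier.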
Masquerade LAN traffic to the WAN interface, and thus enable a gateway for your LAN devices:

# change the -o p1p1 to your wan interface name!
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -t nat -X
iptables -t mangle -X
service iptables save
service iptables restart
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o p1p1 -j MASQUERADE
service iptables save
service iptables restart
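The script above flushes every table and then masquerades whatever leaves on the WAN interface; with the FORWARD chain left at its default ACCEPT policy, the box will forward between any pair of interfaces for any source, and the `echo` into `/proc` does not survive a reboot. As an added example (not from the original post), here is a hypothetical generator for a tighter version: the interface names and the LAN subnet are assumptions, the FORWARD policy is set to DROP before any rule is added, only LAN-sourced traffic arriving on the LAN interface is forwarded and masqueraded, return traffic is matched by conntrack state, and with `DRY_RUN=1` (the default) every command is printed for review instead of being executed.

```shell
#!/bin/sh
# Hypothetical LAN-to-WAN gateway ruleset generator. Interface names and the
# LAN subnet below are assumed defaults; override them in the environment.
WAN_IF="${WAN_IF:-p1p1}"
LAN_IF="${LAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"
# DRY_RUN=1 prints each command; DRY_RUN=0 executes it (requires root).
DRY_RUN="${DRY_RUN:-1}"

# run CMD ARGS...: print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# gateway_rules emits (or applies) the complete ruleset in order.
gateway_rules() {
    # Clean slate for the filter and nat tables, as in the original script.
    run iptables -F
    run iptables -t nat -F
    run iptables -X
    run iptables -t nat -X

    # Default-deny forwarding BEFORE adding rules, so nothing leaks while the
    # chain is being rebuilt. The original left this at ACCEPT.
    run iptables -P FORWARD DROP

    # Forward only traffic that entered on the LAN interface from the LAN subnet,
    # and the return half of connections that traffic opened.
    run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" \
        -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Masquerade only LAN sources leaving via the WAN interface, not everything
    # that happens to exit on it.
    run iptables -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN_IF" -j MASQUERADE

    # Enable forwarding now; persist it in /etc/sysctl.d rather than relying on
    # the echo into /proc, which is lost at reboot.
    run sysctl -w net.ipv4.ip_forward=1
}

# Review the generated commands (dry run by default), then apply with DRY_RUN=0.
gateway_rules
```

Review the dry-run output, apply it with `DRY_RUN=0`, and then persist the rules with `service iptables save` as the original does; note that `iptables -F` also wipes the INPUT chain, so if the host runs with a DROP policy on INPUT, do this from the console rather than over SSH.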