On Thu, 12 Aug 2004, scty Library wrote: > I am messing around with iptables, trying to learn how > it works so that I can build my self a router/firewall > and mabey a VPN. Anyway I tried to use a command on my > Desktop CentOS3 machine. > > "iptables -A INPUT -s 127.0.0.1 -p icmp -j DROP" > > now the command seems to have went through because I > didn't get any errors, but when I go to ping 127.0.0.1 > I am getting a response and my packet loss is 0%. It > should be 100% packet loss. > > Can anyone tell me what I am doing wrong. I am not > trying to do anything yet, just want to learn by > exploring. Try: iptables -A INPUT -d 127.0.0.1 -p icmp -j DROP Since you're pinging 127.0.0.1, that's the destination (-d) address, not the source (-s) address. -- dag wieers, dag at wieers.com, http://dag.wieers.com/ -- [Any errors in spelling, tact or fact are transmission errors]