
Re-direction problems in IPCOP

18 years 4 months ago #15630 by facer
Where is iptables? (can't seem to find it)
18 years 4 months ago #15631 by DaLight
You need to make changes to your rc.local file, which is located in the directory /etc/rc.d/. You will need to use an SSH client like PuTTY.

Add the following commands after the line containing "#!/bin/sh"
[code:1]
# Flush Custom Input Rules
/sbin/iptables -F CUSTOMINPUT
/sbin/iptables -F CUSTOMFORWARD

# Bar access for all IPs
/sbin/iptables -A CUSTOMFORWARD -i $GREEN_DEV -s 0/0 -o $RED_DEV -j DROP
[/code:1]

After editing rc.local, you can apply the changes by typing "/etc/rc.d/rc.local".

The above rules simply block IP access for all clients. This will mean that some applications that go out on ports other than those which can be proxied by Squid will not work. To reverse the change, simply put a "#" at the start of the last line and run "/etc/rc.d/rc.local" again.

1. If your RED interface is actually a modem (ADSL or cable) rather than an actual network card, you will need to replace the "$RED_DEV" entries with "ppp0".
18 years 4 months ago #15632 by facer
Right, I will give that a try.
Thanks for your help, DaLight.
When you say it will block all IP access, does that mean it will just display a page that says blocked, or it will not send the requests out from our network and display whatever is at the local address?
18 years 4 months ago #15634 by facer
I have just tried it, going in on port 222 using PuTTY, but there doesn't seem to be an etc directory; there is only the URL filter one and various other files.
18 years 4 months ago #15642 by DaLight

[quote]
Right, I will give that a try.
Thanks for your help, DaLight.
When you say it will block all IP access, does that mean it will just display a page that says blocked, or it will not send the requests out from our network and display whatever is at the local address?
[/quote]

It will simply drop the IP packets.

[quote]
I have just tried it, going in on port 222 using PuTTY, but there doesn't seem to be an etc directory; there is only the URL filter one and various other files.
[/quote]

Did you use: [code:1]cd /etc[/code:1]
18 years 4 months ago #15662 by facer
I have managed to get into the file now (you were right, I'm too used to DOS!)
But when I put the code in and then try to update the file, I get this error:
[code:1]
root@ipcop:/etc/rc.d # /etc/rc.d/rc.local
Warning: wierd character in interface `-s' (No aliases, :, ! or *).
Bad argument `0/0'
Try `iptables -h' or 'iptables --help' for more information.[/code:1]

Thinking this may be because I used the "$GREEN_DEV" and "$RED_DEV", I then used "eth0" and "eth1".
This stopped this error coming up, but it doesn't seem to drop the IP packets (I'm still getting the same access denied page, so it must still be sending the request out to the external proxy).
Do I need to change the "0/0" in the last line to my IP range and mask?
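
Added example, not part of any post in this thread: the error quoted above is what iptables prints when `$GREEN_DEV` expands to nothing, because `-i` then takes `-s` as the interface name and `0/0` is left over as a stray argument. The sketch below shows that argument list and a guard that refuses to add the rule when an interface name is missing; the function names and the `IPTABLES` override are hypothetical.

```sh
#!/bin/sh
# Added example: guard for the CUSTOMFORWARD drop rule from this thread.
# IPTABLES is overridable so the logic can be exercised without root;
# setting it to "echo" prints the command instead of running it.
IPTABLES="${IPTABLES:-/sbin/iptables}"

# valid_iface NAME: succeed only if NAME looks like an interface name
# (non-empty, does not start with "-", only letters, digits, . _ + -).
valid_iface() {
    case "$1" in
        ''|-*) return 1 ;;
        *[!A-Za-z0-9._+-]*) return 1 ;;
    esac
    return 0
}

# add_green_to_red_drop GREEN RED: append the DROP rule, refusing to call
# iptables when either interface name is missing or malformed.
add_green_to_red_drop() {
    green="$1"; red="$2"
    if ! valid_iface "$green"; then
        echo "GREEN interface not set or invalid: '$green'" >&2
        return 2
    fi
    if ! valid_iface "$red"; then
        echo "RED interface not set or invalid: '$red'" >&2
        return 2
    fi
    "$IPTABLES" -A CUSTOMFORWARD -i "$green" -s 0/0 -o "$red" -j DROP
}

# what_iptables_sees GREEN RED: show the argument list produced by the
# unquoted form used in rc.local, one argument per line.
what_iptables_sees() {
    GREEN_DEV="$1"; RED_DEV="$2"
    # Unquoted on purpose: this mirrors the line in the post.
    set -- -A CUSTOMFORWARD -i $GREEN_DEV -s 0/0 -o $RED_DEV -j DROP
    printf '%s\n' "$@"
}
```

Calling `what_iptables_sees "" ""` lists eight arguments with `-s` directly after `-i`, which matches the "wierd character in interface" warning in the post.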