Alright. I'm trying to set up an ISP for our LAN. I've got it set up basically, except I would like to limit access to the LAN except for a couple of users. I'm trying it with only one user right now, and I've played with all kinds of combinations of the IPchains command, but either it completely limits access or it allows access to the LAN. I'm using the proxyarp option for pppd and I have the following lines in /etc/rc.d/rc.local
This works, but it allows access to the LAN
ipchains -P forward DENY
ipchains -A forward -i eth0 -j MASQ
echo "1" > /proc/sys/net/ipv4/ip_forward
I've tried adding the following lines to first deny access from ip's other than ones that match the local ips and secondly to deny all forwarding to the LAN, however this blocks access to the internet as well.
ipchains -A input -s ! x.x.x.x -j DENY
ipchains -A forward -d ! x.x.x.x -j DENY
Am I doing something wrong, or is there something i'm not considering.