Try blocking it in the PREROUTING chain of the nat or mangle table and then REJECT the packet with an ICMP port unreachable.

iptables -t nat -I PREROUTING -i --dport -s ! -j REJECT

> -----Original Message-----
> From: owner-kclug@marauder.illiana.net
> [mailto:owner-kclug@marauder.illiana.net]On Behalf Of mgoins@kcp.com
> Sent: Tuesday, July 09, 2002 7:57 AM
> To: kclug@kclug.org
> Subject: iptables
>
>
> Howdy all,
>
> I'm looking to hide an open port from my LAN (nmap scans) and have only
> open to one machine. I'm thinking iptables, I have read the man page and
> the how-to, but I can't seem to get it working. I am able to block
> everybody but the one host. I am not able to hide it from nmap as being
> open.
>
> Any help would be great.
>
> Thanks,
>
> ~Michael
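
An added example, not part of the original thread: a rule generator for the setup asked about above, one TCP port reachable from a single host and reported as closed to every other scanner. It uses the filter table's INPUT chain, because the REJECT target is valid only in the INPUT, FORWARD and OUTPUT chains, and it rejects with a TCP reset, because nmap reports a port that answers with ICMP port unreachable as filtered rather than closed. The function name hide_port_rules and the values eth0, 8080 and 192.168.1.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example; interface, port and address below are constructed samples.

# Print the iptables commands that expose one TCP port to a single host and
# make it look closed to everyone else. The commands are printed, not run,
# so they can be reviewed first; pipe the output to `sh` as root to apply.
hide_port_rules() {
    iface=$1 port=$2 allowed=$3

    # Accept only a plain interface name, a numeric port in range and a
    # dotted-quad address, so the printed commands carry no shell syntax.
    case $iface in ''|*[!A-Za-z0-9._-]*)
        echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case $port in ''|*[!0-9]*)
        echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
        echo "bad port: $port" >&2; return 1
    }
    case $allowed in ''|*[!0-9.]*)
        echo "bad host: $allowed" >&2; return 1 ;;
    esac

    # Rule 1: the one permitted machine reaches the service.
    echo "iptables -A INPUT -i $iface -p tcp -s $allowed --dport $port -j ACCEPT"

    # Rule 2: every other source gets a TCP RST, the same answer a port
    # with no listener gives, so a scan reports the port as closed.
    echo "iptables -A INPUT -i $iface -p tcp --dport $port -j REJECT --reject-with tcp-reset"
}

# Rules are appended (-A) in this order; an earlier ACCEPT rule already in
# the INPUT chain for the same port would still match first.
hide_port_rules eth0 8080 192.168.1.10
```

After applying the rules, a scan from the allowed host should show the port open and a scan from any other LAN host should show it closed.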