Hi,

I have configured an iptables server on server1 (192.168.0.1/24).
Now I want to allow user root on server1 to be connected to the network,
and all other users on server1 will not be able to ping other PCs. So
I did this:
--------------------------------------------------------
#iptables -F
#service iptables stop
#iptables -A OUTPUT -m owner --uid-owner 0 -j ACCEPT
#iptables -A OUTPUT -j DROP
#iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere      OWNER UID match root
DROP       all  --  anywhere             anywhere           
--------------------------------------------------------

Still other users including root can ping other PCs. Why is this not
working?

Also, I have some difficulties understanding the Connection Tracking (NEW, ESTABLISHED, RELATED, INVALID) concept.
Can anyone help me?

Is there any practical guide for iptables available on the internet?

TnR,
Hiren