I'm trying to set up iptables on my DD-WRT router to accept only VPN traffic and block everything else, including LAN traffic, for a specific host. This is what I have so far, but iptables isn't taking my commands, which suggests something is wrong with them. I'm pretty new to iptables so these commands probably wouldn't work anyway lol. The host is .101 and the router is .10. The "[CHAIN] [#]" is for where they need to go respective to the other filters.

Code:

    # Accept https traffic for router management.
    iptables -I INPUT 12 -p tcp -s 192.168.1.101 -d 192.168.1.10 --sport 443 -j ACCEPT
    # Accept VPN traffic from .101
    iptables -I INPUT 13 -p udp -s 192.168.1.101 --sport 1192 -j ACCEPT
    # Drop all other data coming from .101
    iptables -I INPUT 14 -p 0 -s 192.168.1.101 -j logdrop
    # Block all LAN traffic from reaching .101 (the FORWARD accept for VPN traffic is already in the firewall)
    iptables -I FORWARD 8 -p 0 -s 0.0.0.0/0 -d 192.168.1.101 -j logdrop

I'd really, REALLY appreciate any help on what I'm doing wrong. I've been wracking my brain trying to understand the madness that is iptables for about a week.