You want to block connections to a particular network service, for example, HTTP.
To block all incoming HTTP traffic:
For iptables:
# iptables -A INPUT -p tcp --dport www -j REJECT
For ipchains:
# ipchains -A input -p tcp --dport www -j REJECT
To block incoming HTTP traffic but permit local HTTP traffic:
For iptables:
# iptables -A INPUT -p tcp -i lo --dport www -j ACCEPT # iptables -A INPUT -p tcp --dport www -j REJECT
For ipchains:
# ipchains -A input -p tcp -i lo --dport www -j ACCEPT # ipchains -A input -p tcp --dport www -j REJECT
You can also block access at other levels such as TCP-wrappers. [Recipe 3.9][Recipe 3.11]
iptables(8), ipchains(8).