[BlueOnyx:19857] Re: iptables
Larry Smith
lesmith at ecsis.net
Tue Jul 19 14:27:46 -05 2016
Looks like you are adding the entry after the default "acctin"
rule. Do a full list of the iptables -n -L | less and see where
the drop rule is in the list of actions. I suspect it is second
or third in the list which means packets first go to the acctin
rule, then get processed.
--
Larry Smith
lesmith at ecsis.net
On Tue July 19 2016 14:09, "Meaulnes Legler"@MailList wrote:
> hello
>
> I'm still fighting with iptables against this mail-flooding to a specific
> user. I don't understand why mails from a specific IP like 123.45.67.89
> still slip thru although they should be blocked if included within the
> subnet 123.45.67.0/24 ... I entered
>
> # iptables -A INPUT -s 123.45.67.0/24 -j DROP -v
>
> Reading the table with the following returns:
>
> # iptables -L -n -v | grep 123.45.67.0/24
> 0 0 DROP all -- * * 69.168.97.0/24 0.0.0.0/0
>
> What am I missing? Does iptables need a special configuration to be able to
> block subnets?
>
> Thank you and best regards
>
> Meaulnes Legler
> ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
> ~ www.WaveWeb.ch ~
> ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
> ~ Zurich, Switzerland ~
> ~ tel: +41 44 2601660 ~
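
The ordering check suggested in the reply above, as an added example that is not part of the original thread: it walks a rule listing top to bottom and reports which rules see packets from an address before the DROP does. The listing is a constructed sample in `iptables -S INPUT` format, and the helper names `parse_rules` and `rules_before_drop` are hypothetical.

```python
import ipaddress
import shlex

# Constructed `iptables -S INPUT` listing (an assumption, not the poster's real ruleset):
# the DROP was appended with -A, so it sits after the rules that were already there.
SAMPLE_RULES = """\
-P INPUT ACCEPT
-A INPUT -j acctin
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -s 123.45.67.0/24 -j DROP
"""

ANY = ipaddress.ip_network("0.0.0.0/0")

def parse_rules(listing, chain="INPUT"):
    """Yield (position, source_net, negated, target, raw_line) for each rule of the chain."""
    pos = 0
    for line in listing.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", chain]:
            continue  # skips policy lines (-P) and other chains
        pos += 1
        net, negated = ANY, False
        if "-s" in tok:
            i = tok.index("-s")
            net = ipaddress.ip_network(tok[i + 1], strict=False)
            negated = tok[i - 1] == "!"
        target = tok[tok.index("-j") + 1] if "-j" in tok else None
        yield pos, net, negated, target, line

def rules_before_drop(listing, ip):
    """Return (position of the first DROP whose source covers ip, earlier rules that see ip).

    iptables evaluates a chain top to bottom and stops at the first terminating
    target, so every earlier rule returned here gets the packet before the DROP.
    """
    addr = ipaddress.ip_address(ip)
    earlier = []
    for pos, net, negated, target, line in parse_rules(listing):
        if (addr in net) == negated:
            continue  # source match fails, rule cannot apply to this address
        if target == "DROP":
            return pos, earlier
        earlier.append((pos, target, line))
    return None, earlier

if __name__ == "__main__":
    drop_pos, ahead = rules_before_drop(SAMPLE_RULES, "123.45.67.89")
    print(f"DROP is rule {drop_pos}; rules evaluated before it:")
    for pos, target, line in ahead:
        print(f"  {pos}: {line}   (target {target})")
```

On a live host the listing would come from `iptables -S INPUT`; a rule added with `iptables -I INPUT 1 ...` lands at position 1 instead of at the end of the chain.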