On Wed, Oct 01, 2003 at 01:18:17PM -0500, Gary wrote:
> I have set my firewall to
> and when I want to drop a specific IP, I enter it manually, it accepts it,
> but it does not drop the packets..
> I am getting a lot of virus activity on my SMTP port 25. So I wanted to
> drop a few IP ranges/addresses..
> 00100 62054 5483792 allow ip from any to any via lo0
> 00200 0 0 deny ip from any to 127.0.0.0/8
> 00300 0 0 deny ip from 127.0.0.0/8 to any
> 65000 873327 293931424 allow ip from any to any
> 65100 0 0 deny tcp from 126.96.36.199 to any
> 65110 0 0 deny ip from 188.8.131.52 to any
> 65535 0 0 deny ip from any to any
> Yet, checking later in my SMTP logs, I am still getting pounded by the
> listed addresses. Can anyone explain why this isn't working?
Your deny rules have to be added before the 'allow ip from any to any'.
ipfw add 100 deny tcp from 184.108.40.206 to any
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"