[EMAIL PROTECTED] wrote:
> Per Phil Dibowitz's suggestion:
>
> Attached is an altered version of my ipf.conf file. It is only altered
> to change the real IPs to bogus IPs for protection / paranoia. Realizing
> the confusion introduced by bogus IPs, our subnet is 70 (xxx.xxx.70.xx).
> So, in my previous Email, substitute all references to subnet 78 with
> subnet 70 (ipmonlog, etc.)
>
> Phil is right. As shown in the attached file, blocks are done by Rule
> 18: block in log all
>
> Thanks, in advance, for any help that you may offer.

It's not clear to me what's wrong. A few things to keep in mind:

1. You're mixing 'quick' and 'nonquick' rules. This is a bad idea from a hard-to-debug and will-bite-you-in-the-ass perspective. Go one or the other. Either you want first-match or last-match.

2. Are you doing NAT? How you're doing NAT changes how your rules are interpreted.

3. Please see the FAQ, and what to post to the list, you're still missing lots:
   http://www.phildev.net/ipf/IPFmail.html

Sorry I couldn't be more help.

Oh, and please don't email me directly - the list is here for a reason. Thanks.

-- 
Phil Dibowitz [EMAIL PROTECTED]
Open Source software and tech docs      Insanity Palace of Metallica
http://www.phildev.net/                 http://www.ipom.com/

"Never write it in C if you can do it in 'awk';
 Never do it in 'awk' if 'sed' can handle it;
 Never use 'sed' when 'tr' can do the job;
 Never invoke 'tr' when 'cat' is sufficient;
 Avoid using 'cat' whenever possible" -- Taylor's Laws of Programming
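The first point in the reply above, as an added example that is not part of the original message or of IPFilter itself: a Python model of ipf's evaluation order, where the last matching rule wins unless a matching rule carries `quick`. The function names, the constructed ruleset and the documentation-range addresses are assumptions; only a subset of rule syntax (no interfaces, protocols, groups or state) is handled, and the default-pass verdict for unmatched packets is assumed.

```python
import ipaddress

def parse_rule(line):
    """Parse a subset of ipf rule syntax:
    action in|out [log] [quick] (all | from SRC to DST [port = N])"""
    tok = line.split()
    rule = {"text": line, "action": tok[0], "dir": tok[1],
            "log": "log" in tok, "quick": "quick" in tok,
            "src": None, "dst": None, "port": None}
    if "from" in tok:
        rule["src"] = tok[tok.index("from") + 1]
        rule["dst"] = tok[tok.index("to") + 1]
    if "port" in tok:
        rule["port"] = int(tok[tok.index("port") + 2])  # "port = N"
    return rule

def _addr_ok(spec, addr):
    if spec in (None, "any"):
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)

def matches(rule, pkt):
    return (rule["dir"] == pkt["dir"]
            and _addr_ok(rule["src"], pkt["src"])
            and _addr_ok(rule["dst"], pkt["dst"])
            and rule["port"] in (None, pkt["dport"]))

def evaluate(ruleset, pkt, default="pass"):
    """Last matching rule wins, unless a matching rule is 'quick',
    which ends evaluation at that rule. Returns (action, rule text)."""
    verdict = (default, None)  # assumed default when nothing matches
    for rule in ruleset:
        if matches(rule, pkt):
            verdict = (rule["action"], rule["text"])
            if rule["quick"]:
                break
    return verdict

# Constructed ruleset that mixes quick and non-quick rules.
MIXED = [parse_rule(r) for r in (
    "pass in quick from 192.0.2.0/24 to any port = 22",
    "pass in from any to 198.51.100.10/32 port = 80",   # overridden below
    "block in log all",
    "pass in quick from any to 198.51.100.10/32 port = 443",
)]

def pkt(src, dst, dport, direction="in"):
    return {"dir": direction, "src": src, "dst": dst, "dport": dport}
```

In this ruleset the non-quick port 80 pass is overridden by the later `block in log all`, while the quick port 443 pass placed after the block still wins, which is the kind of mixed behaviour that makes such a ruleset hard to debug.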
