> just a quick note. The rule works, but not when added at the end of > ipfilter.conf. It has to go into stopMartians() like so: > > # RFC 1918/1627/1597 blocks > $IPCH -A $LIST -j DENY -p all -s 10.0.0.0/8 -d 0/0 -l $* > $IPCH -A $LIST -j DENY -p all -s 172.16.0.0/12 -d 0/0 -l $* > ---> $IPCH -A input -j DENY -p 17 -s 192.168.77.250 -d 0/0 162 > $IPCH -A $LIST -j DENY -p all -s 192.168.0.0/16 -d 0/0 -l $* > > Otherwise I think the rule immediately below kicks in and logs the deny. > I tried it at the location you suggested and still got log entries. I > moved it and, viola!, no more pesky log entries.
That's apparently because you used -A (add) instead of -I (insert). I may have gotten this wrong in my initial post...I don't know. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
