I think the origial post did have the -A switch, but hey, this works, and I'm happy.
Richard Charles Steinkuehler wrote: > > > just a quick note. The rule works, but not when added at the end of > > ipfilter.conf. It has to go into stopMartians() like so: > > > > # RFC 1918/1627/1597 blocks > > $IPCH -A $LIST -j DENY -p all -s 10.0.0.0/8 -d 0/0 -l $* > > $IPCH -A $LIST -j DENY -p all -s 172.16.0.0/12 -d 0/0 -l $* > > ---> $IPCH -A input -j DENY -p 17 -s 192.168.77.250 -d 0/0 162 > > $IPCH -A $LIST -j DENY -p all -s 192.168.0.0/16 -d 0/0 -l $* > > > > Otherwise I think the rule immediately below kicks in and logs the deny. > > I tried it at the location you suggested and still got log entries. I > > moved it and, viola!, no more pesky log entries. > > That's apparently because you used -A (add) instead of -I (insert). I may > have gotten this wrong in my initial post...I don't know. > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
