On Tue, 30 May 2006 09:45:54 +1200 Volker Kuhlmann <[EMAIL PROTECTED]> wrote:
> > iptables -A INPUT -i eth0 -j ACCEPT > > iptables -A INPUT -i eth0 -s 192.168.0.0/255.255.0.0 -j DROP > > No point dropping anything after you've already accepted everything. > > No suggestions, but the problem with all these iptables scripts is that > they don't work together, so I never see that much point making yet > another one. Using shorewall seems much better, it's far more advanced > for that. > > Volker > > -- > Volker Kuhlmann is list0570 with the domain in header > http://volker.dnsalias.net/ Please do not CC list postings to me. Thanks for pointing out the stupid mistake. It's stopping about 700 connections/hour to my mail server which would otherwise time out on 4 minutes and generally clog up the works, so I reckon it's pretty useful! Cheers, Steve
