Thanks for that. Would something like 1.2.3.4/32:135 work for the universe???

Respectfully,
Ben

Actually, I don't know that you can block a specific TCP port. However, if you have LDROP or LREJECT or LTREJECT as your DROP= policy, just change that. The logging policies are really only for debugging your ruleset as they can lead to HUGE amounts of logs.
--MonMotha
