/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
Scott Brause <[EMAIL PROTECTED]> wrote:
>
> intnet="10.0.0.0/0"
> extint="eth0"
> # remote interface, claiming to be local machines, IP spoofing, get lost
> ipchains -A input -i $extint -s $intnet -d 0.0.0.0/0 -l -j REJECT
Is that really a "/0" describing "intnet"?? By giving it 0 bits for the
network portion, you are basically causing this rule to match *any* IP
address! So your rejection rule rejects everything that comes in.
I think you either meant "/24", or perhaps "/8", instead.
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Good judgment comes from experience.
sometimes known as David DeSimone || Experience comes from bad judgment."
http://www.dallas.net/~fox/ || -- Life Lessons
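
The reply's point, worked through as an added example (not part of the original message): Python's standard `ipaddress` module shows which source addresses each prefix length really matches. It assumes the filter compares only the bits covered by the mask, as the reply describes; the helper names and the sample source addresses are constructed for illustration.

```python
import ipaddress

def check_cidr(spec):
    """Return (effective_network, warnings) for a CIDR spec as a packet filter applies it."""
    addr_text = spec.partition("/")[0]
    # strict=False masks off the bits outside the prefix instead of raising,
    # which mirrors a filter that only compares the masked bits (assumption).
    effective = ipaddress.ip_network(spec, strict=False)
    warnings = []
    if ipaddress.ip_address(addr_text) != effective.network_address:
        warnings.append(
            f"{spec}: address has bits outside the /{effective.prefixlen} mask, "
            f"effective match is {effective}"
        )
    if effective.prefixlen == 0:
        warnings.append(f"{spec}: prefix length 0 matches every IPv4 source address")
    return effective, warnings

def rule_matches(spec, source):
    """True if a rule written with '-s spec' would match a packet from 'source'."""
    effective, _ = check_cidr(spec)
    return ipaddress.ip_address(source) in effective

# Constructed sample sources: two internal-looking hosts and one documentation-range host.
SAMPLE_SOURCES = ["10.0.0.9", "10.1.2.3", "198.51.100.7"]

def report(specs):
    """Build one row per spec: (spec, effective network, matched sample sources, warnings)."""
    rows = []
    for spec in specs:
        effective, warnings = check_cidr(spec)
        matched = [s for s in SAMPLE_SOURCES if rule_matches(spec, s)]
        rows.append((spec, str(effective), matched, warnings))
    return rows

if __name__ == "__main__":
    # The value from the quoted script, then the two corrections the reply suggests.
    for spec, effective, matched, warnings in report(
        ["10.0.0.0/0", "10.0.0.0/8", "10.0.0.0/24"]
    ):
        print(f"{spec:<14} effective={effective:<14} matches={matched}")
        for w in warnings:
            print(f"    WARNING: {w}")
```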