On 13 Mar 2002, Charles Galpin wrote: > Hi > > I asked this recently but no-one replied. Some joker is annoying th > ehell out of me by trying to send a email to any name he can come up > with (automated) at my domain. here is an example > > Mar 13 13:02:45 rabbit postfix/smtpd[31864]: reject: RCPT from > 1Cust240.tnt1.bloomington.il.da.uu.net[63.27.139.240]: 550 > <[EMAIL PROTECTED]>: User unknown; > from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> > Mar 13 13:05:23 rabbit postfix/smtpd[32757]: reject: RCPT from > 1Cust240.tnt1.bloomington.il.da.uu.net[63.27.139.240]: 550 > <[EMAIL PROTECTED]>: User unknown; > > I get dozens of these an hour. > > So i decided to block his class C since it's allways a dynamic IP on > 63.27.139.0/24. Well my rule isn't working. Here is what I tried > > # stop this asshole filling my mail log > $IPTABLES -A INPUT --source 63.27.139.0/24 -j silent > > silent is a chain that just does a DROP. I tried -I too. yes I'm aware > this should stop all traffic from that block, but I'm fien with that :) > > Can anyone tell me why this isn't stopping him/her in his tracks?
You have to actually use the full netmask, not the CIDR bit notation. Try "$IPTABLES -A INPUT --source 63.27.139.0/255.255.255.0 -j silent" instead. _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
