> I personally don't see the need to blacklist this way (given that the > host is likely compromised and thus you shouldn't trust any traffic from > it), but there's nothing to say you can't do it if it makes sense to > you. (One exception to this rule about compromised hosts might be port > 80, which is commonly transparently proxied by ISPs.)
Well this proxying thingies the isps have is the sole reason why I can't drop a host all together. But this is maybe not such a big issue in Sweden anyway, more AOL country. BR Robert ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
