On 9/6/2016 7:12 PM, johnny bowen wrote: > Sorry, I didn't answer your question. > > Shorewall is letting those packets through because they are in the > "Established" or "Related" state. The rule you added is likely a rule to > match packets in the "NEW" state. > Flush your connections with the commands from my last email. > FYI, it helps to run that command a few times in a row. >
Also be sure that the DROP rule is in the /etc/shorewall/blrules file or that it is before any net->fw ACCEPT rules in /etc/shorewall/rules -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
