George Vieira wrote: > > it's being dropped because you have allowed TCP port 80 on 219.118.175.0/24 ONLY.. looking at your logs it shows the IP as DST=203.179.86.66 which isn't to that network.. Maybe you misread the iptables' out output since the formatting is off, but the rule for 219.118.175.0/24 is for SSH. The port 80 rule is: ACCEPT tcp -- eth0 * 0.0.0.0/0 203.179.86.66 state NEW,RELATED,ESTABLISHED tcp dpt:80 > HOW BIG is your network??? Only 16 IP addresses. I hate to show my ignorance but the the SSH rule which uses the 219.118.175.0/24 is to allow SSH access from another network with 8 IP address. The range is 219.118.175.240-248 but I didn't know how to write that as a / netmask so I used 0/24 :( Jc
