Hello David, If you have some firewall rules yet, the rule you mention could never hit. Use the option -I instead of -A. -I will insert your rule at the first position in the chain, unless you specify the number where you want it. iptables -I INPUT -i public_interface -s 202.154.10.146/32 -j REJECT But, if you're using sendmail, maybe the best to do is to tell sendmail to reject the traffic from this particular host. Go to /etc/mail, edit the file called 'access' and append a line like this: 202.154.10.146 REJECT "You're sending too much viruses!" Then save, type 'make' and restart sendmail. Regards, Alejandro Flores > Dear all, > > My mail server received so many virus mails from ip 202.145.10.147 and after > i look at gateway (linux) and i using iptraf i see so many traffic from > 202.145.10.147. > After that i try to block all traffic from 202.145.10.147 with command : > #iptables -A INPUT -s 202.145.10.146 -j DROP > > but i still receiveall traffic from 202.145.10.146...... > Can anybody help me ........... that ip send virus in to mail server more > then 20 mails per minute....... > > > Regards, > David Kandou > > Help me ... iam so confused > > FYI : > Iam using RedHat 9 > eth0 --> ippublic > eth1 --> local ip > mail server --> local ip > >
