Remove the rule #iptables -A INPUT -s 202.145.10.146 -j DROP and apply #iptables -A FORWARD -s 202.145.10.146 -j DROP This is because all traffic coming from 202.145.10.146 through the gateway (LINUX box) to your local LAN will be passing through the Forward chain of the gateway and not the Input chain. Regards, dhananjoy On Thu, 2004-07-29 at 17:44, david wrote: > Dear all, > > My mail server received so many virus mails from ip 202.145.10.147 and after > i look at gateway (linux) and i using iptraf i see so many traffic from > 202.145.10.147. > After that i try to block all traffic from 202.145.10.147 with command : > #iptables -A INPUT -s 202.145.10.146 -j DROP > > but i still receiveall traffic from 202.145.10.146...... > Can anybody help me ........... that ip send virus in to mail server more > then 20 mails per minute....... > > > Regards, > David Kandou > > Help me ... iam so confused > > FYI : > Iam using RedHat 9 > eth0 --> ippublic > eth1 --> local ip > mail server --> local ip > >
