On Thursday 29 July 2004 13:14, david wrote: > My mail server received so many virus mails from ip 202.145.10.147 and > after i look at gateway (linux) and i using iptraf i see so many > traffic from 202.145.10.147. > After that i try to block all traffic from 202.145.10.147 with command > : #iptables -A INPUT -s 202.145.10.146 -j DROP Two suggestions: - You might like to also put that in your FORWARD chain: # iptables -I FORWARD -s 202.145.10.146 -j DROP - Use -I instead of -A, this will INSERT at the top of the list instead of APPENDING to the bottom. Check the output of `iptables -L -vxn` (which you could paste relevant bits of into your email, if necessary) and see if there are any other ACCEPT rules in your INPUT chain that would allow packets from that IP before your rule that denies them. David
