Hi,
Am I blind or there is no DROP/REJECT target at all???
Swifty
Joey írta:
Hello All,
Im having a problem with a whitelist I am trying to implement and apparently
we still block IP's on the whitelist.
First I execute the whitelist like so:
:CIDR-WHITE-LIST - [0:0]
:LOG_WHITE-LIST - [0:0]
-A CIDR-WHITE-LIST -s 1.2.3.4 -j LOG_WHITE-LIST
-A LOG_WHITE-LIST -j LOG --log-prefix "CIDR-WHITE-LIST"
-A LOG_WHITE-LIST -j ACCEPT
-A SMTP_TRAFFIC -j CIDR-WHITE-LIST
Then the blacklist like so:
:CIDR-ASIAN - [0:0]
:LOG_ASIAN - [0:0]
:SMTP_TRAFFIC - [0:0]
-A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j SMTP_TRAFFIC
-A CIDR-ASIAN -s 2.3.4.5 -j LOG_ASIAN
-A LOG_ASIAN -j LOG --log-prefix "SPAM-BLOCK-CIDR-ASIAN"
-A SMTP_TRAFFIC -j CIDR-ASIAN
I am basically blocking port 25 traffic to blocked IP's.
I must be missing something stupid, but cant see it.
Any help is greatly appreciated!
Thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
