Sorry I forgot the -A LOG_ASIAN -j DROP Any idea on why the accept isn?t working? > -----Original Message----- > From: Gáspár Lajos [mailto:swifty@xxxxxxxxxxx] > Sent: Tuesday, February 10, 2009 9:50 AM > To: Joey > Cc: IPTables > Subject: Re: help with whitelist > > Hi, > > Am I blind or there is no DROP/REJECT target at all??? > > Swifty > > Joey írta: > > Hello All, > > > > > > > > Im having a problem with a whitelist I am trying to implement and apparently > > we still block IP's on the whitelist. > > > > > > > > First I execute the whitelist like so: > > > > > > > > :CIDR-WHITE-LIST - [0:0] > > > > :LOG_WHITE-LIST - [0:0] > > > > -A CIDR-WHITE-LIST -s 1.2.3.4 -j LOG_WHITE-LIST > > > > -A LOG_WHITE-LIST -j LOG --log-prefix "CIDR-WHITE-LIST" > > > > -A LOG_WHITE-LIST -j ACCEPT > > > > -A SMTP_TRAFFIC -j CIDR-WHITE-LIST > > > > > > > > Then the blacklist like so: > > > > :CIDR-ASIAN - [0:0] > > > > :LOG_ASIAN - [0:0] > > > > :SMTP_TRAFFIC - [0:0] > > > > -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j SMTP_TRAFFIC > > > > -A CIDR-ASIAN -s 2.3.4.5 -j LOG_ASIAN > > > > -A LOG_ASIAN -j LOG --log-prefix "SPAM-BLOCK-CIDR-ASIAN" > > > > -A SMTP_TRAFFIC -j CIDR-ASIAN > > > > > > > > I am basically blocking port 25 traffic to blocked IP's. > > > > I must be missing something stupid, but cant see it. > > > > > > > > Any help is greatly appreciated! > > > > > > > > Thanks! > > > > > > -- > > To unsubscribe from this list: send the line "unsubscribe netfilter" in > > the body of a message to majordomo@xxxxxxxxxxxxxxx > > More majordomo info at http://vger.kernel.org/majordomo-info.html > > > > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
