2009/10/28 Ralph Blach <rcblach@xxxxxxxxx>:
> Ok,
> [snip]
> Since I get attacked, I want to drop and log from any attacking network.
>
> This happens on a daily basis, so I am constantly updating the list.
>
> What is the best set of rules to accomplish this

If you only wish to allow traffic from your internal network and the external nameservers then it's simple. Set your iptables policies, as said earlier, to DROP. Then create explicit rules to accept the traffic you want in each chain as needed.

If you want to log any DROP traffic then just make the LAST rule in each chain a logging rule...

If you use DROP as a policy and only allow specific traffic you will not have to keep updating your rule set to block additional networks.

--
Richard Horton
Users are like a virus: Each causing a thousand tiny crises until the host finally dies.
http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats
http://www.pbase.com/arimus - My online photogallery

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
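The rule set described in the reply, as an added example that is not part of the original thread: default DROP policies, explicit ACCEPT rules for the internal network and the external nameservers, and a LOG rule as the last entry of every chain. The LAN prefix, nameserver addresses and the rate limit on the LOG rule are assumptions; the script prints the iptables commands so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed values: internal LAN
# 192.168.1.0/24 and two external nameservers on documentation addresses.
LAN_NET="${LAN_NET:-192.168.1.0/24}"
NAMESERVERS="${NAMESERVERS:-203.0.113.53 198.51.100.53}"

# Emit the rule set instead of applying it; apply with:  build_rules | sh
build_rules() {
    # 1. Default policies: anything not explicitly accepted is dropped.
    echo "iptables -P INPUT DROP"
    echo "iptables -P FORWARD DROP"
    echo "iptables -P OUTPUT DROP"
    echo "iptables -F"

    # Loopback and replies to connections we already accepted.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"

    # 2. Explicit accepts: the internal network in both directions.
    echo "iptables -A INPUT -s $LAN_NET -j ACCEPT"
    echo "iptables -A OUTPUT -d $LAN_NET -j ACCEPT"

    # External nameservers, DNS only (udp and tcp port 53).
    for ns in $NAMESERVERS; do
        echo "iptables -A OUTPUT -d $ns -p udp --dport 53 -j ACCEPT"
        echo "iptables -A OUTPUT -d $ns -p tcp --dport 53 -j ACCEPT"
    done

    # 3. Last rule in each chain: log what the DROP policy is about to
    #    discard. The limit match (assumed 5/min) keeps a flood from
    #    filling the log; LOG is non-terminating, so the policy still drops.
    for chain in INPUT FORWARD OUTPUT; do
        echo "iptables -A $chain -m limit --limit 5/min -j LOG --log-prefix \"$chain DROP: \""
    done
}

build_rules
```

Networks that attack the host then fall under the DROP policy without being listed individually, which is the point of the reply: the rule set no longer has to change each day.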