Weblog entry #1 for daryl
iptables -A INPUT -s 66.79.162.82 -d xx.xxx.xxx.xx -j DROP
But my wife always seems to get this spam. I have tried it with iptables -I as well, with no luck. In fact, my postfix configuration seems to be blocking more addresses than iptables, which shouldn't be the case. Running iptables -L shows my firewall running. Any pointers?
Comments on this Entry
iptables -t filter -I INPUT -s 66.79.162.82 -j LOG --log-prefix "DEBUG: "
You can then see messages with the dmesg command. Also check whether you are using the correct chain (if it should be FORWARD, for example). Eventually you may also have some -j ACCEPT rule before this DROP one, which is conflicting. I personally always put a -j LOG before any DROP to make sure I can easily debug if I have problems.
To see all your filter rules try:
iptables -t filter -nvL
There is also a packet counter, you can use that to see what rules are applying.
Finally, read this:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html
which seems to be the only "complete" iptables documentation.
Good luck!
PS: tcpdump is always your friend at these times.
[ Parent | Reply to this comment ]
"iptables -A .. " means to append the entry to the end of any rules on that chain.
It might be that you have an "accept" rule which is being matched first. If that is the case use "iptables -I .." to insert the rule.
[ Parent | Reply to this comment ]
rules to -I instead of -A. Wait and see! But I saw in my mail logs postfix rejecting a lot of hinet.net mail (Taiwan) when this should be "dropped" by iptables.
[ Parent | Reply to this comment ]
Hard to know what is going on without seeing your logs. I guess you should post your script and see if that helps.
Hope that you're blocking the source IP, not that the machine claims to use via the HELO, though.
[ Parent | Reply to this comment ]
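Both commenters suspect an ACCEPT rule matching before the appended DROP. The script below is an added example, not part of the original thread: it replays a chain listing in first-match order to show which rule actually decides a packet. The rule listing, the documentation-range addresses and the function names are constructed for illustration, and only -s, -d, -p, --dport and -j are modelled (no negation, port ranges or state matches).

```python
import ipaddress
import shlex

# Constructed sample of `iptables -S INPUT` output (not from the original post).
# 192.0.2.10 stands in for the mail server, 203.0.113.82 for the blocked sender.
SAMPLE_RULES = """\
-P INPUT ACCEPT
-A INPUT -s 203.0.113.82/32 -j LOG --log-prefix "DEBUG: "
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -s 203.0.113.82/32 -d 192.0.2.10/32 -j DROP
"""
# Constructed SMTP packet from the sender that the DROP rule is meant to stop.
PACKET = {"src": "203.0.113.82", "dst": "192.0.2.10", "proto": "tcp", "dport": 25}
TERMINATING = {"ACCEPT", "DROP", "REJECT"}  # LOG does not end chain traversal

def parse(rules_text):
    """Yield (position, {option: value}) for each -A rule, in chain order."""
    pos = 0
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        if tok[:1] != ["-A"]:
            continue
        pos += 1
        # Only the options listed here are modelled; anything else is ignored.
        opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                if tok[i] in ("-s", "-d", "-p", "--dport", "-j")}
        yield pos, opts

def matches(opts, pkt):
    """True if the packet satisfies every modelled match in the rule."""
    for flag, field in (("-s", "src"), ("-d", "dst")):
        if flag in opts and ipaddress.ip_address(pkt[field]) not in \
                ipaddress.ip_network(opts[flag], strict=False):
            return False
    if "-p" in opts and opts["-p"] != pkt["proto"]:
        return False
    if "--dport" in opts and opts["--dport"] != str(pkt["dport"]):
        return False
    return True

def verdict(rules_text, pkt):
    """Return (position, target) of the first terminating rule that matches."""
    for pos, opts in parse(rules_text):
        if opts.get("-j") in TERMINATING and matches(opts, pkt):
            return pos, opts["-j"]
    return None, "POLICY"

if __name__ == "__main__":
    print(verdict(SAMPLE_RULES, PACKET))  # the appended DROP is never reached
```

On a real host, the input would be the saved output of `iptables -S INPUT`, and the packet counters from `iptables -t filter -nvL` confirm the same thing from the kernel's side.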