On Fri, Mar 09, 2001 at 08:49:54PM +0000, Jim Breton wrote: > # deny and log all packets trying to come in from a 127.0.0.0/8 address > # over a non-'lo' interface
Oops. Just occurred to me that this is not what you were asking about. Why do I do such things? Anyway. /etc/ipmasq/rules/I90external.def # accept incoming packets from external networks on external interfaces ipchains) $IPCHAINS -A input -j ACCEPT -i $i -d $IPOFIF/32 if [ -n "$BCOFIF" ]; then $IPCHAINS -A input -j ACCEPT -i $i -d $BCOFIF/32 fi ;; Since we have a default drop and log coming later in the rules (/etc/ipmasq/rules/ZZZdenyandlog.def), this will take care of your concern.