On Sat, 1 Mar 2003, Dave Laird wrote: > iptables -A INPUT -s 209.82.110.17/16 -j DROP will work to drop *everything* > from 209.82.110.x, regardless of the the fourth digits in the network > address. Unless I've gotten it backwards again (it's past my bedtime) 24 only > drops the 0 of your address, which might possibly be the gateway, depending > upon how they have configured their system.
So I would use /16 for a Class C network? > I use the firewall to block undesirable IP's as needed, and it has proven, > time and again, to substantially reduce my spam loads. Also, if you want more > targets, go to http://www.iana.org/assignments/ipv4-address-space and look > up the IP blocks assigned to the primary sources of most pornographic spam. > Then block them by country. You'd be surprised at how spam levels will drop. I am blocking now at the Sendmail level using access lists and I get the lists based on email that makes it past SpamAssassin, I read the headers and go block. Most of my customers can deal with the printer ads, but it is the porn that bothers them most, especially when they have kids. -Scott
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com