On Tuesday 30 April 2002 3:19 am, Chris Hoeschen wrote: > Sure thing: > > Chain PREROUTING (policy ACCEPT) > Chain FORWARD (policy DROP) > Chain BANNED (2 references)
Hmmm.... I can't see anything here which would let the offending address through. You've even got your BANNED rule before you allow Related and Established connections, so it can't be something hanging around in your conntrack table... I'm intrigued by this one - however that doesn't solve your problem of course. In the meantime is it possible for you to use a .htaccess file on the webserver to Deny access from the address range you're blocking ? You should be able to put a single .htaccess file in the root of the server tree and it'll block access for all documents. However, please post any other information which might explain what's going on - this one is interesting :-) Antony.
