On 2020-12-10 23:58, Tom Eastep wrote:
On 12/10/20 6:02 AM, Benny Pedersen via Shorewall-users wrote:
If it is coming from a single address or sub-network, you can simply blacklist the SOURCE. Otherwise, just add a DROP rule that silently drops the traffic from net->fw: DROP net fw tcp service-port
custommers need to use that port, just not from rfc 1918 is my problem to solve
NULL_ROUTE_RFC1918 this was set to no, changed to yes, still not working, i miss another one,
ROUTE_FILTER is no pr default, set it to yes, hope i dont miss more will DROP net:10.0.0.0/8... fw tcp service-port be needed still ? _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
