
iptables; some IPs are getting through netmasks



I am hoping someone can help show me where I'm going wrong.
I have iptables set up in the following way; basically, I am
using the chain "pests" to drop data from certain IPs.


Chain INPUT (policy ACCEPT)
target     prot opt source               destination
pests      tcp  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain pests (1 references)
target     prot opt source               destination
DROP       tcp  --  1.85.17.0/24         0.0.0.0/0
DROP       tcp  --  67.228.245.0/24      0.0.0.0/0


(in reality, the "pests" chain is much larger)

It seems to work, except I find emails from certain IPs are
still getting through, and it's always when I have set a /24 netmask.

For example, in a recent email, the header was...

Received: from mail10.mydailyflog.com ([67.228.245.121])

...even though I had the IP range 67.228.245.0/24 in my "pests"
chain.

Hoping someone can help me, much thanks.
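
An added check, not part of the original post: this Python sketch parses the listing as posted (abridged to the INPUT and pests chains) and evaluates the first matching rule for a given source address, which shows whether 67.228.245.121 is covered by the 67.228.245.0/24 entry. It models only the protocol and source columns, and the names parse_listing and verdict are assumptions made for this example.

```python
import ipaddress

# Listing abridged from the post above; the empty FORWARD/OUTPUT chains are omitted.
LISTING = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
pests      tcp  --  0.0.0.0/0            0.0.0.0/0

Chain pests (1 references)
target     prot opt source               destination
DROP       tcp  --  1.85.17.0/24         0.0.0.0/0
DROP       tcp  --  67.228.245.0/24      0.0.0.0/0
"""

def parse_listing(text):
    """Return {chain: {"policy": str or None, "rules": [(target, proto, src_net)]}}."""
    chains, current = {}, None
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0] == "target":   # blank line or column header
            continue
        if parts[0] == "Chain":
            policy = parts[3].rstrip(")") if parts[2] == "(policy" else None
            current = chains.setdefault(parts[1], {"policy": policy, "rules": []})
        elif current is not None and len(parts) >= 5:
            target, proto, _opt, src = parts[:4]
            current["rules"].append((target, proto, ipaddress.ip_network(src)))
    return chains

def verdict(chains, src_ip, proto="tcp", chain="INPUT"):
    """First-match evaluation on protocol and source address only."""
    addr = ipaddress.ip_address(src_ip)
    def walk(name):
        for target, rule_proto, net in chains[name]["rules"]:
            if rule_proto not in (proto, "all") or addr not in net:
                continue
            if target in chains:                 # jump into a user-defined chain
                result = walk(target)
                if result:
                    return result
            elif target in ("ACCEPT", "DROP", "REJECT"):
                return target
        return None                              # end of chain: return to caller
    return walk(chain) or chains[chain]["policy"]

if __name__ == "__main__":
    rules = parse_listing(LISTING)
    for ip in ("67.228.245.121", "67.228.246.1"):
        print(ip, verdict(rules, ip))
```

On the live host, `iptables -L pests -n -v` adds per-rule packet and byte counters, which show whether a given DROP rule is actually being hit.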

