iptables; some IPs are getting through netmasks
I am hoping someone can help show me where I'm going wrong.
I have iptables setup in the following way, basically, I am
using the chain "pests" to drop data from certain IPs.
Chain INPUT (policy ACCEPT)
target prot opt source destination
pests tcp -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain pests (1 references)
target prot opt source destination
DROP tcp -- 1.85.17.0/24 0.0.0.0/0
DROP tcp -- 67.228.245.0/24 0.0.0.0/0
(in reality, the "pests" chain is much larger)
It seems to work, except I find emails from certain IPs are
still getting through, and it's always when I have set a /24 netmask.
For example, in a recent email, the header was...
Received: from mail10.mydailyflog.com ([67.228.245.121])
...even though I had the IP range 67.228.245.0/24 in my "pests"
chain.
Hoping someone can help me, much thanks.
Reply to: