Hello Arno.
On my Debian 7.7.0 gateway I use these rules for all AMPRNet interfaces:
-A INPUT ! -s 44.0.0.0/8 -i tunl0 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i tun0 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i tun1 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i tun2 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i sl0 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i sl1 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i sl2 -j DROP
I do not use the -d <IP> (destination address) option at all.
Result: ZERO non-44-net traffic!
Best regards.
--
Tom - SP2L
(ex sp2lob)
------------------------------------
It is nice to be important.
But it is more important to be nice!
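
Added example, not part of the message above: a small audit that reads iptables-save output and reports, per tunnel interface, whether the source filter shown in the message is present ("ok"), absent ("missing"), or present but preceded by another INPUT rule for the same interface ("late"), which can let traffic through before the DROP is reached. The function names and the sample ruleset are constructed for illustration, and the check assumes rules are written exactly in the form used in the message.

```shell
#!/bin/sh
# Constructed sample ruleset (not from a real gateway):
#   tunl0 - filter present and first            -> ok
#   tun0  - an ACCEPT for tun0 precedes filter  -> late
#   sl1   - "!" negation missing from the rule  -> missing
#   tun2  - no rule at all                      -> missing
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT ! -s 44.0.0.0/8 -i tunl0 -j DROP
-A INPUT -i tun0 -p icmp -j ACCEPT
-A INPUT ! -s 44.0.0.0/8 -i tun0 -j DROP
-A INPUT -s 44.0.0.0/8 -i sl1 -j DROP
COMMIT
EOF
}

# audit_iface IFACE  (ruleset on stdin) -> prints ok | late | missing
audit_iface() {
    awk -v ifc="$1" '
        BEGIN {
            # The exact rule from the message, for this interface.
            want  = "-A INPUT ! -s 44.0.0.0/8 -i " ifc " -j DROP"
            state = "missing"
        }
        $0 == want {
            # Keep the verdict of the first occurrence only.
            if (state == "missing") state = (seen ? "late" : "ok")
            next
        }
        # Any other INPUT rule bound to this interface; the padded match
        # keeps "tun1" from matching "tun10".
        /^-A INPUT / && index($0 " ", " -i " ifc " ") { seen = 1 }
        END { print state }
    '
}

# Stand-alone run over the constructed sample. On a live gateway the
# input would instead come from: iptables-save -t filter
for ifc in tunl0 tun0 sl1 tun2; do
    printf '%s: %s\n' "$ifc" "$(sample_rules | audit_iface "$ifc")"
done
```

Rules that carry no -i match at all (for example a blanket ACCEPT early in INPUT) are not considered by this check and need a separate look.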