9 Feb
2014
9 Feb
'14
6:58 p.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Bill, sorry to hear about your troubles.
On 2/9/2014 11:54, William Lewis wrote:
At first, I set up a log book scan script to look for
bad logins, and
then ban the IP address, but then I found out that since my 44.2.14.1
ip address goes "around" my firewall via UCSD, the block rules
literally have zero effect.
Don't know if this will help, but this is one major reason that a number
of years ago I opted to do all my IPIP routing via the Linux kernel and
no longer in *NOS. It has more advanced routing capability, and can
filter / NAT / etc. everything going into or out of those tunnels (as
well as all other traffic). Then, as others have said, if it's SMTP
traffic bound for the BBS and it's not coming from a net-44 address, it
*must* hit my Postfix gateway. NOS also is configured with access rules
to deny all non-44 SMTP packets in order to help enforce that policy.
Hope you get it nailed down!
73,
Brett
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iEYEARECAAYFAlL4JB0ACgkQ+/Ps1x4JxWZekACaAvexWJ7Hb4Gayka6MjXJBmvE
WIIAn3YjGVrQkg8YdOLgSVMgy/Ke7Q/7
=CnZr
-----END PGP SIGNATURE-----