On Wed, 2003-09-03 at 18:54, Res wrote: > > You could shrink it a bit... >
> > "/sbin/iptables -A INPUT -s 61.32.0.0/16 -j REJECT" > > Why double the load by sending them a packet back, just drop them totally > without a reply, replace -j REJECT with -j DROP > but adding the IP's to your border router would be a better idea, our spam > and attempted relays died off by 95% with all those IP's in the router > acl. Because I'm a mindless nitwit? Good advice. > > > What is the most efficient means of logging matches? I suppose that I > > > My god! Why do you want to do this? > Seriously you are asking for trouble your logs will grow so big so fast it > will defeat the purpose, don't log em, just nuke em. Again, good advice. > > --
signature.asc
Description: This is a digitally signed message part
