Actually, I don't think the resulting iptables rules are correct for blocking a range.
I usually use a base IP address and a mask, i.e. 192.168.0.0/16.
When I saw what you were doing, I just...
Type: Posts; User: Doug S; Keyword(s):
Actually, I don't think the resulting iptables rules are correct for blocking a range.
I usually use a base IP address and a mask, i.e. 192.168.0.0/16.
When I saw what you were doing, I just...
Could you say the specific address that is able to create the unwanted connection. I can not see the path in the OUTPUT chain for a NEW connection that would create the RELATED, ESTABLISHED by-pass...
Question: Are you testing new ufw rule sets (resulting in new iptables rules) without retsarting the computer? An established connection in the contrack table would be uneffected.
There is a...
My guess it that there is a path around what you have shown. Even though I find ufw generated iptables hard to read, please show us the complete output from:
sudo iptables -v -x -n -LIs this...