Re: IPSEC not blocking specific IP address per Ethereal
From: Alfredo (alfredo_at_KILL_SPAM_megapath.net)
Date: Tue, 19 Apr 2005 16:51:19 GMT
"T. Sean Weintz" <firstname.lastname@example.org> sez :
>> it could be that ethereal is
>> capturing the packets before IPSEC gets to block them
>Yup. That is what's happening.
Wait, that can't be it, because there's also the case of the flooding
spammer trying to relay through me.
I placed his IP on the same "block" list, and yet my SMTP inlog still
shows his flood of email attempts *after* I put him on the IPSEC block
list exactly like I did with the worm above. His packets are still
getting through. This is an IPSEC issue.
Can anyone see what I have done wrong in my IPSEC policy? I am getting
overwhelmed with worms and spammers doing what amounts to a DOS attack
on my server and I would like to stop them.