From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Joey" <Joey@Web56.net>
Subject: RE: tool to search within cidr blocks
Date: Wed, 22 Oct 2008 18:40:58 -0400
Message-ID: <004801c93497$4084a270$c18de750$@net>
References: <004301c9347c$6ab0a3c0$4011eb40$@net> <1224703739.3999.139.camel@grateful.d.umn.edu>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <netfilter-owner@vger.kernel.org>
In-Reply-To: <1224703739.3999.139.camel@grateful.d.umn.edu>
Content-Language: en-us
Sender: netfilter-owner@vger.kernel.org
List-ID: <netfilter.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"
To: IPTables <netfilter@vger.kernel.org>

> -----Original Message-----
> From: netfilter-owner@vger.kernel.org
[mailto:netfilter-owner@vger.kernel.org]
> On Behalf Of Matt Zagrabelny
> Sent: Wednesday, October 22, 2008 3:29 PM
> To: Joey
> Cc: IPTables
> Subject: Re: tool to search within cidr blocks
> 
> On Wed, 2008-10-22 at 15:28 -0400, Joey wrote:
> 
> > Is there a tool or a way to ask iptables what rule it matches?
> 
> LOG before you DROP.
> 

We are definatley logging, but the rejected address is not matching any of
the blocks defined to block.
It's very strange.

Joey