all:

I run a webserver that caters to an entirely local crowd, so to keep hacking attempts to a minimum, I have inserted a bunch of international IP-blocking rules into my iptables.

But my filters don't seem to be working.

For instance, in the *filter section I have the following rule:

-A INPUT -s 101/8 -p tcp -m tcp -j DROP

as part of the set of rules to filter out international traffic.

But I find repeated login attempts from this address: 101.227.170.42 in my lastb output.

Shouldn't the iptables rule filter out these attempts?

Thanks!

I run a webserver that caters to an entirely local crowd, so to keep hacking attempts to a minimum, I have inserted a bunch of international IP-blocking rules into my iptables, but my filters don't seem to be working.

For instance, in the *filter section I have the following rule:

-A INPUT -s 101/8 -p tcp -m tcp -j DROP

as part of the set of rules to filter out international traffic.

But I find repeated login attempts from this address: 101.227.170.42 in my lastb output.

Shouldn't the iptables rule filter out these attempts?