Ok, I'm desperate. I've tried everything I know how to try, and it's not
working. And I can't figure out why.

I am running Debian with a 2.2.19 kernel. I know 2.6 is out, but I don't
want to upgrade right now. There is going to be a major overhaul coming
in a month or so, and I don't want to waste time upgrading this machine
right now.

Here is what I am trying to do. I am attempting to block access to my
linux box from all addresses starting with 141.117.*.* except the few
within that range that I specify. So, my first thought was hosts.allow
and hosts.deny. I added the address above (with netmask) to hosts.deny,
(ALL:141.117.0.0/255.255.0.0), and the address I want to be able to
access the box (ALL:141.117.*.*) to hosts.allow. Then I started testing.
The address I want to work worked fine. However, I am having issues with
the blocked addresses. They won't connect to some services (ie the POP
server) which is perfect, but they still connect to others, such as
SMTP. I've even tried explicitly denying the IP of the machine I'm
testing with, and I can still send mail through SMTP perfectly. I tried
adding (ALL smtp: 141.117.0.0/255.255.0.0) or ALL exim:
141.117.0.0/255.255.0.0) but neither seem to work.

I just don't understand how I can explicitly deny access, and it works
for some things but SMTP works great.

HELP!

Thank you

Josh
--
A common mistake that people make when trying to design something
completely foolproof is to underestimate the ingenuity of complete
fools.
        -Douglas Adams

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics