New Denial of Service Attack on Panix

I have to stand somewhat corrected.

create a filter "internet.out"
three lines for each net block you have:

permit tcp
permit udp
permit icmp

The more appropriate format would be:
  permit tcp
  permit udp
  permit icmp

You are *supposed* to use a src/dest netblock pair, though I have
set up and used w/o a dest address and it worked.

final line to log (optional) MUST COME AFTER permit list for netblocks:
deny log

If you choose not to log, then you need a line:

Otherwise that which falls through isn't denied, obviously.

Doing router filters while fatigued is often a problematic process.
Try and work on them when you aren't so tired, unlike me when I
sent my first mail :sunglasses:

-george william herbert