On 01/27/2014 02:43 PM, Joseph L. Casale wrote: >> I have a rule in iptables to drop certain packets from addresses, like: >> >> iptables --list | grep 37 >> DROP all -- 37.0.0.0/8 anywhere >> >> So I am wondering how this got through??? >> >> [Jan 27 02:36:52] NOTICE[9298][C-000005ce] chan_sip.c: Call from '' ( >> 37.8.28.217:10024) to extension '888888011972592871997' rejected because >> extension not found in context 'default' >> >> Shouldn't the firewall have dropped it? > > Without more info, no one can help. Iptables are processed top down, have you > allowed something less specific above? A subnet, a protocol etc? or there is a forward somewhere ... without full iptables and network description it is not possible to evaluate your situation.. Adrian