Access Rules
Posted: Thu Mar 08, 2007 2:06 pm
by bgateley
Hi,
I can't seem to get my access rules working right. I would like to deny access to everybody except a handful of locations. I have my first rules set to deny *.*.*.*, and then subsequent rules set to allow various sites, such as 123.456.*.* and 234.45*.*.*, however I can still log on from another PC on the network at 192.168.0.2. Can anybody shed any light on this for me? Thanks!
Posted: Fri Apr 20, 2007 12:41 pm
by bgateley
I'm on build 185 and still having problems with the access rules. Here's what I have set up:
Allow 69.210.*.*
Allow 198.7.*.*
Allow 12.164.*.*
Allow 69.11.*.*
Allow 70.10*.*.*
Deny *.*.*.*
This morning in my FTP log I had numerous logon attempts like this:
[#1] [20070420 07:13:30] [202.105.176.20] connected
I have shut down the server, re-booted, and started it up again multiple times since I've set up these rules. Thanks for any help anybody can give me.
Posted: Thu Apr 26, 2007 12:02 pm
by bgateley
Here's the whole entry (repeated about a thousand times every day):
[#1] [20070424 01:00:35] [72.3.249.100] connected
[#1] [20070424 01:00:35] [Administrator] USER Administrator success
[#1] [20070424 01:00:35] [Administrator] USER Administrator success
[#1] [20070424 01:00:35] [Administrator] disconnected
Maybe I just don't understand what the access rules are doing. I would think that if an IP address was blocked, there wouldn't even be a "connected" message, but maybe I'm wrong?
This is just FTP/SSL.
Posted: Thu Apr 26, 2007 5:25 pm
by bgateley
He's not really logging on successfully, is he? I guess I assumed from the log that he connected and then sent a user name successfully, but then since there is no user name "Administrator", was disconnected.
Thanks for looking into this for me,
Brian
Posted: Fri Apr 27, 2007 12:12 pm
by bgateley
That is the way I have that rule set up; one of our offices has a static IP address, but the first grouping is always 70 and the second always starts with 10 and then one varying digit (101, 102, 103, etc.). I hesitated about doing 70.*.*.*, since that would let in a lot wider range of addresses. I will try that though, and see if that makes a difference.
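
Added example, not part of the original posts and not the FTP server's own code: a log audit that checks "connected" entries in the log format quoted in this thread against the allow patterns posted above, matching each octet separately so that 70.10*.*.* covers only a second octet beginning with 10. The function names and the sample lines marked constructed are assumptions, and the script does not model how the server itself orders or evaluates its rules.

```python
import re
from fnmatch import fnmatchcase

# Allow patterns as posted in the thread; every other address is meant to be denied.
ALLOW = ["69.210.*.*", "198.7.*.*", "12.164.*.*", "69.11.*.*", "70.10*.*.*"]

# Matches lines such as: [#1] [20070420 07:13:30] [202.105.176.20] connected
CONNECT = re.compile(
    r"^\[#\d+\] \[\d{8} \d{2}:\d{2}:\d{2}\] \[(\d{1,3}(?:\.\d{1,3}){3})\] connected$"
)

def allowed(ip, patterns=ALLOW):
    """True if ip matches an allow pattern; '*' is matched per octet, never across dots."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        return False
    for pattern in patterns:
        parts = pattern.split(".")
        if len(parts) == 4 and all(fnmatchcase(o, p) for o, p in zip(octets, parts)):
            return True
    return False

def unexpected_connections(lines, patterns=ALLOW):
    """Return {ip: count} for 'connected' entries from addresses outside the allow list."""
    hits = {}
    for line in lines:
        m = CONNECT.match(line.strip())
        if m and not allowed(m.group(1), patterns):
            hits[m.group(1)] = hits.get(m.group(1), 0) + 1
    return hits

# First four lines are quoted from the thread; the last two are constructed.
SAMPLE_LOG = [
    "[#1] [20070420 07:13:30] [202.105.176.20] connected",
    "[#1] [20070424 01:00:35] [72.3.249.100] connected",
    "[#1] [20070424 01:00:35] [Administrator] USER Administrator success",
    "[#1] [20070424 01:00:35] [Administrator] disconnected",
    "[#2] [20070424 08:15:02] [70.102.5.9] connected",    # constructed
    "[#1] [20070424 01:00:36] [72.3.249.100] connected",  # constructed
]

if __name__ == "__main__":
    for ip, count in sorted(unexpected_connections(SAMPLE_LOG).items()):
        print(f"{ip}: {count} connection(s) from outside the allow list")
```

Run against the real log file, the per-address counts show which sources are reaching the "connected" stage despite the intended deny-all rule.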