I tried to use IP tables at one point but it didn't seem to stick after a reboot. Soon as I shut down then brought back the Endian box the rule was gone. Is there something that needs done to "commit" the rule?
Brains wrote: > > Such an ugly workaround for something that is ideally as simple as: > iptables -A INPUT --src xx.xx.xx.xx --dport 21 -j DROP > > > > On Tue, Nov 25, 2008 at 9:46 PM, Herb Hill <[EMAIL PROTECTED]> wrote: > >> Just a thought- how about efw outbound rules to block traffic from >> behind >> efw that has a destination of the ip you want to block? Getting nothing >> back might dissuade him from trying further. Or, put a port forward rule >> at >> the top of your list that forwards ftp ports to a non existant internal >> IP >> when the source IP is the one that is hacking you. >> >> Might work. >> >> ----- Original Message ----- >> From: "danodemano" <[EMAIL PROTECTED]> >> To: <[email protected]> >> Sent: Tuesday, November 25, 2008 7:57 PM >> Subject: Re: [Efw-user] Block IP from RED Interface >> >> >> > >> > I know this, which is why I want to block certain IP's. I have no >> problem >> > with SSH, I don't allow access from the outside, only through a VPN >> > tunnel. >> > I could use a different port for the FTP but there are a number of >> people >> > who already know and use it the way that it is configured so that's >> easier >> > said than done. >> > >> > compdoc wrote: >> >> >> >> ftp and ssh ports are just going to be tested. No way to use >> >> a different port number for ftp? >> >> >> >> I always keep the ssh service disabled until I need it... >> >> >> >> >> >> >> >> -----Original Message----- >> >> From: danodemano [mailto:[EMAIL PROTECTED] >> >> Sent: Tuesday, November 25, 2008 4:29 PM >> >> To: [email protected] >> >> Subject: Re: [Efw-user] Block IP from RED Interface >> >> >> >> >> >> Guess that's a no. I have a new IP now that's hacking on it >> >> and some 600 >> >> PAGES of logs just since this morning. It would be very >> >> nice to be able to >> >> block this (these) IP addresses. ;) >> >> >> >> danodemano wrote: >> >>> >> >>> I have a, what I hope to be, quick question. I have an IP >> >> address that is >> >>> hacking on the FTP server sitting behind my Endian box. >> >> The server is >> >>> NATed. Just in the past about 12 hours, it's filled up >> >> nearly 400 pages >> >>> in my IDS logs. Is there a simply way to just outright >> >> ban this IP? >> >>> Thanks for your help! >> >>> >> >> >> >> -- >> >> View this message in context: >> >> http://www.nabble.com/Block-IP-from-RED-Interface-tp20564483 >> >> p20691782.html >> >> Sent from the efw-user mailing list archive at Nabble.com. >> >> >> >> >> >> ------------------------------------------------------------ >> >> ------------- >> >> This SF.Net email is sponsored by the Moblin Your Move >> >> Developer's challenge >> >> Build the coolest Linux based applications with Moblin SDK & >> >> win great prizes >> >> Grand prize is a trip for two to an Open Source event >> >> anywhere in the world >> >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> >> _______________________________________________ >> >> Efw-user mailing list >> >> [email protected] >> >> https://lists.sourceforge.net/lists/listinfo/efw-user >> >> >> >> >> >> >> ------------------------------------------------------------------------- >> >> This SF.Net email is sponsored by the Moblin Your Move Developer's >> >> challenge >> >> Build the coolest Linux based applications with Moblin SDK & win great >> >> prizes >> >> Grand prize is a trip for two to an Open Source event anywhere in the >> >> world >> >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> >> _______________________________________________ >> >> Efw-user mailing list >> >> [email protected] >> >> https://lists.sourceforge.net/lists/listinfo/efw-user >> >> >> >> >> > >> > -- >> > View this message in context: >> > >> http://www.nabble.com/Block-IP-from-RED-Interface-tp20564483p20692806.html >> > Sent from the efw-user mailing list archive at Nabble.com. >> > >> > >> > >> ------------------------------------------------------------------------- >> > This SF.Net email is sponsored by the Moblin Your Move Developer's >> > challenge >> > Build the coolest Linux based applications with Moblin SDK & win great >> > prizes >> > Grand prize is a trip for two to an Open Source event anywhere in the >> > world >> > http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> > _______________________________________________ >> > Efw-user mailing list >> > [email protected] >> > https://lists.sourceforge.net/lists/listinfo/efw-user >> > >> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's >> challenge >> Build the coolest Linux based applications with Moblin SDK & win great >> prizes >> Grand prize is a trip for two to an Open Source event anywhere in the >> world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> Efw-user mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/efw-user >> > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > Efw-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/efw-user > > -- View this message in context: http://www.nabble.com/Block-IP-from-RED-Interface-tp20564483p20699718.html Sent from the efw-user mailing list archive at Nabble.com. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
