Michael Viron wrote:
> This depends.  Do you want to block them from services that utilize
> hosts.deny.  If so, add the ip address to /etc/hosts.deny.
> 
> Do you want to block network traffic from them entirely?  If so, use
> ipchains or iptables (depending on your kernel version) to block them.
> 
> Michael

To add to what Michael has said. If you're going to add the address to 
iptables rules to block the traffic the rule would look something like this:

iptables -A INPUT -p tcp --dport 20:10000 -s 216.0.0.0 -j DROP

-A = tells the kernel to append this rule to already existing INPUT 
table rules

INPUT = name of a table

-p = flag telling the kernel what protocol to apply this rule to. (must 
be specified when using the "--dport" argument.

tcp = protocol name

--dport = destination port where incoming packet is bound for.

20:10000 = expression specifying all ports from 20 thru 10000

-s = source IP address

-j = target

DROP = what to do with the packet when a match is detected.

-- 
daRcmaTTeR
----------
Registered Linux User 182496


Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Reply via email to