cool, thanks a lot. It's been done. as a side note, anyone here seeing a lot of port scans and whatnot from Asian addresses? I'm getting hit an awful lot from Japan.
----- Original Message ----- From: "daRcmaTTeR" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, July 14, 2002 4:28 PM Subject: Re: [expert] blocking an ip address > Michael Viron wrote: > > This depends. Do you want to block them from services that utilize > > hosts.deny. If so, add the ip address to /etc/hosts.deny. > > > > Do you want to block network traffic from them entirely? If so, use > > ipchains or iptables (depending on your kernel version) to block them. > > > > Michael > > To add to what Michael has said. If you're going to add the address to > iptables rules to block the traffic the rule would look something like this: > > iptables -A INPUT -p tcp --dport 20:10000 -s 216.0.0.0 -j DROP > > -A = tells the kernel to append this rule to already existing INPUT > table rules > > INPUT = name of a table > > -p = flag telling the kernel what protocol to apply this rule to. (must > be specified when using the "--dport" argument. > > tcp = protocol name > > --dport = destination port where incoming packet is bound for. > > 20:10000 = expression specifying all ports from 20 thru 10000 > > -s = source IP address > > -j = target > > DROP = what to do with the packet when a match is detected. > > -- > daRcmaTTeR > ---------- > Registered Linux User 182496 > > > ---------------------------------------------------------------------------- ---- > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
