Actually, if you want it to survive a reboot, put the line, minus the ipchains into /etc/sysconfig/ipchains.
You can specify netblocks by doing something like 192.168.0.0/255.255.255.0 or /24. Michael -- Michael Viron Project Manager / Primary Developer General Education Online http://www.findaschool.org At 11:24 AM 7/22/2002 -0700, you wrote: >I was checking my logcheck report this morning and found that yesterday, >someone actually tried to brute-force attach my FTP server. The attacks >all came the same address within .prodigy.net.mx. My first reaction was to >put a "551 GO AWAY" line into my hosts.deny file for .prodigy.net.mx. But >I'm thinking I might just want to just drop the packets silently instead. >I think that's where ipchains come into play. Can someone give me the >syntax for doing that? Also, it's easy enough to just put the IP address >that attacked yesterday into it (BTW, does putting it into a command-line >ipchains call survive through a reboot, or do I need to add it to my >rc.local file to make sure it's there after every reboot?), but is there a >way to specify a range of addresses with ipchains? > > --Dave >-- > David Guntner GEnie: Just say NO! > http://www.akaMail.com/pgpkey/davidg or key server > for PGP Public key > > >Want to buy your Pack or Services from MandrakeSoft? >Go to http://www.mandrakestore.com >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com