Take a look at gShield, an iptables script that is well documented with just about evey option you could want.
-----Original Message----- From: Anthony E. Greene [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 26, 2002 12:30 PM To: [EMAIL PROTECTED] Subject: Re: WWW Visitor Blocking At 08:47 2/26/2002 -0800, Redhat wrote: >How do you access ipchains/iptables from the command line? I have not yet worked with iptables, but it can probably be invoked directly from the command line just like ipchains: ipchains --append input --protocol tcp 80 --syn --source xxx.xxx.xxx.xxx --jump REJECT I generally build a shell script with all the necessary commands and call it from within rc.local. That lets me do things like parse resolv.conf for nameserver IP addresses and assign the network/netmask of my subnet as a string variable at the top of the script: lan='192.168.1.0/255.255.255.0' That way whenever I need to refer to my local subnet in a firewall rule, I just use the variable $lan. There's at least one HOWTO out there that describes setting up ipchains. Tony -- Anthony E. Greene <[EMAIL PROTECTED]> PGP Key: 0x6C94239D AOL/Yahoo Chat: TonyG05 Linux. the choice of a GNU generation. <http://www.linux.org/> _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
