Re: ipchains: drop a single IP address?
Derrick 'dman' Hudson <firstname.lastname@example.org> writes:
> On Fri, Jun 28, 2002 at 11:30:00AM -0400, Brian P. Flaherty wrote:
> | This works for me:
> | ipchains -A input -s 184.108.40.206 -j DENY -l
> Does this send back a "connection refused" packet? I forget what the
> target names are for ipchains, but with iptables you want to use
> "DROP" instead of "REJECT".
This drops it; no ICMP message is sent back. From the manpage:

    ACCEPT means to let the packet through. DENY means to drop the
    packet on the floor. REJECT means the same as drop, but is more
    polite and easier to debug, since an ICMP message is sent back to
    the sender indicating that the packet was dropped. (Note that DENY
    and REJECT are the same for ICMP packets.)

> Here's a script for iptables that reads a blocklist of ip addresses
> from a set of files and DROPs all packets from them.
[ the rest deleted ]
That is really great. I have a file that simply contains line after
line of 'ipchains -A... ' for each address to be blocked. At least I
created the file in Emacs and didn't type most of it! It is much
more elegant to have a file of blocked IPs. (And for some reason, I
am usually not just happy with 'works', I prefer elegance.) And then
scripts to pull new blocked IPs to add to the list. Wonderful!
Have a great day.
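
The blocklist-file approach discussed above, as an added example that is not part of the original thread and is not the script that was deleted from the quote: each entry is validated before a rule is emitted, so a malformed line in a blocklist never reaches the firewall command line. The file format, the function names and the FW_TOOL variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the script from the thread. Assumed blocklist format:
# one IPv4 address or CIDR block per line, '#' starts a comment.

# valid_ipv4 ENTRY: succeed only for a.b.c.d or a.b.c.d/len within range.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in */*) len=${1#*/} ;; *) len=32 ;; esac
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "${#len}" -le 2 ] && [ "$len" -le 32 ] || return 1
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split on dots; addr holds only digits and dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules FILE...: print one rule per unique valid entry, report the rest.
# FW_TOOL=ipchains selects the ipchains form used earlier in the thread.
gen_rules() {
    cat -- "$@" |
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' |
    LC_ALL=C sort -u |
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        if ! valid_ipv4 "$entry"; then
            printf 'skipped invalid entry: %s\n' "$entry" >&2
        elif [ "${FW_TOOL:-iptables}" = ipchains ]; then
            printf 'ipchains -A input -s %s -j DENY -l\n' "$entry"
        else
            printf 'iptables -A INPUT -s %s -j DROP\n' "$entry"
        fi
    done
}

# demo: run gen_rules over a constructed blocklist (documentation addresses).
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' '# constructed sample' '192.0.2.10' '198.51.100.0/24 # net' \
        '192.0.2.10' '203.0.113.999' '192.0.2.1; reboot' > "$tmp"
    gen_rules "$tmp"
    rm -f "$tmp"
}

if [ $# -gt 0 ]; then gen_rules "$@"; else demo; fi
```

The rules are printed rather than applied, so the output can be reviewed before it is run as root; rejected lines are reported on stderr.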