[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: syntax to drop a single address?

Jean Christophe ANDRÉ <jean-christophe.andre@auf.org> writes:

> Dave Price écrivait :
>> Hello,
>> I am trying to find the iptables syntax to drop all traffic from a
>> single address ... equivalent to 
>> ipchains -I input -s nn.nn.nn.nnn  -j DENY -l
>
> iptables -N LOGDROP
> iptables -A LOGDROP -j LOG
> iptables -A LOGDROP -j DROP
>
> iptables -I input -s $BADIP -j LOGDROP

Please do not use all-upercase chain names, use the MixedCase
convention.  Names such as LogDrop won't conflict with future kernel
and/or userspace extensions.

-- 
Florian Weimer 	                  Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898
Reply to: