Re: syntax to drop a single address?
Jean Christophe ANDRÃ <jean-christophe.andre@auf.org> writes:
> Dave Price écrivait :
>> Hello,
>> I am trying to find the iptables syntax to drop all traffic from a
>> single address ... equivalent to
>> ipchains -I input -s nn.nn.nn.nnn -j DENY -l
>
> iptables -N LOGDROP
> iptables -A LOGDROP -j LOG
> iptables -A LOGDROP -j DROP
>
> iptables -I input -s $BADIP -j LOGDROP
Please do not use all-upercase chain names, use the MixedCase
convention. Names such as LogDrop won't conflict with future kernel
and/or userspace extensions.
--
Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898
Reply to: