Re: Blocking an arbitrary port with ipfwadm
Damon Muller <damon@empire.net.au> writes:
> What I want to do is use ipfwadm to block a single port - namely 31337
> (UDP). For anyone who has had their head in the sand for the last few
> months, that's the port that Back Orifice listens on by default.
ipfwadm -I -a reject -P udp -D 192.168.20.0/24 31337 -o
That's:
-I = check incoming packets.
-a reject = Let the sender know we're rejecting them. You can use
"-a deny" instead to drop them silently.
-P udp = UDP packets only.
-D 192.168.20.0/24 31337 = destination anywhere on your network (fix
this) on port 31337. Maybe "0.0.0.0/0 31337" to stop *your* users
connecting to another BO server.
-o = Log the address of the offender, so you can complain to their ISP.
This will also drop some legitimate UDP comms, if something happens to
grab port 31337 itself. I could live with this.
--
Carey Evans http://home.clear.net.nz/pages/c.evans/
"Is there anyone who actually believes that USAicans are so modest or
intellectually honest as to be unable to find someone to sue?" - Cameron Laird