Re: Blocking an arbitrary port with ipfwadm

To: debian-user@lists.debian.org
Subject: Re: Blocking an arbitrary port with ipfwadm
From: Carey Evans <c.evans@clear.net.nz>
Date: 28 Nov 1998 11:51:23 +1300
Message-id: <[🔎] 87u2zkwxzo.fsf@psyche.evansnet>
In-reply-to: Damon Muller's message of "Sat, 28 Nov 1998 01:00:49 +1100"
References: <[🔎] 365EBEA1146.D593DAMON@mail.empire.net.au>

Damon Muller <damon@empire.net.au> writes:

> What I want to do is use ipfwadm to block a single port - namely 31337 
> (UDP). For anyone who has had their head in the sand for the last few
> months, that's the port that Back Orrifice listens on by default.

ipfwadm -I -a reject -P udp -D 192.168.20.0/24 31337 -o

That's:
  -I = check incoming packets.
  -a reject = Let the sender know we're rejecting them.  You can use
    "-a deny" instead to drop them silently.
  -P udp = UDP packets only.
  -D 192.168.20.0/24 31337 = destination anywhere on your network (fix 
    this) on port 31337.  Maybe "0.0.0.0/0 31337" to stop *your* users
    connecting to another BO server.
  -o = Log the address of the offender, so you can complain to their ISP.

This will also drop some legitimate UDP comms, if something happens to 
grab port 31337 itself.  I could live with this.

-- 
	 Carey Evans  http://home.clear.net.nz/pages/c.evans/

"Is there anyone who actually believes that USAicans are so modest or
intellectually honest as to be unable to find someone to sue?" - Cameron Laird

Reply to:

References:
- Blocking an arbitrary port with ipfwadm
  - From: Damon Muller <damon@empire.net.au>

Prev by Date: Re: virtual hosts
Next by Date: Re: procmail ........ (again)
Previous by thread: Blocking an arbitrary port with ipfwadm
Next by thread: Please Help! Broke lots with apt-get...
Index(es):
- Date
- Thread