
Re: ipchains: drop a single IP address?

On Fri, Jun 28, 2002 at 11:30:00AM -0400, Brian P. Flaherty wrote:
| This works for me:
| ipchains -A input -s -j DENY -l

Does this send back a "connection refused" packet?  I forget what the
target names are for ipchains, but with iptables you want to use
"DROP" instead of "REJECT".

Here's a script for iptables that reads a blocklist of IP addresses
from a set of files and DROPs all packets from them.



# FLIST: the blocklist file names (its definition is not shown in this message)
for F in $FLIST ; do
    if [ -f "$F" ] ; then
        for IP in `cat "$F"` ; do
            iptables -A INPUT -s "$IP" -j DROP
        done
    fi
done

(you can easily convert that to ipchains)

I also have a script that will read through Apache's error log to add
addresses to this list (after notifying all users on their domain with
'net send' :-)).  Let me know if you want that too.



Misfortune pursues the sinner,
but prosperity is the reward for the righteous.
        Proverbs 13:21
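
Added example, not part of the original message: a variant of the blocklist loop that validates each entry as an IPv4 address or CIDR before it reaches iptables, collects the DROP rules in a dedicated chain so a reload does not append duplicates to INPUT, and prints the commands for review instead of running them. The chain name BLOCKLIST, the one-entry-per-line file format with "#" comments, and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Prints the iptables commands
# for review instead of running them.
CHAIN="BLOCKLIST"   # assumed name for a dedicated chain

# Succeeds only for a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in */*) prefix=${1#*/} ;; *) prefix=32 ;; esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    rest=$addr.; n=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}; n=$((n + 1))
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    [ "$n" -eq 4 ]
}

# Print commands that rebuild $CHAIN from the blocklist files given as
# arguments. Entries that fail validation go to stderr, never to iptables.
emit_rules() {
    echo "iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN"
    for f in "$@"; do
        [ -f "$f" ] || continue
        while IFS= read -r line || [ -n "$line" ]; do
            entry=$(printf '%s\n' "${line%%#*}" |
                    sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
            [ -n "$entry" ] || continue
            if valid_ipv4 "$entry"; then
                echo "iptables -A $CHAIN -s $entry -j DROP"
            else
                echo "skipped invalid entry in $f: $entry" >&2
            fi
        done < "$f"
    done | awk '!seen[$0]++'        # drop duplicate rules
    echo "iptables -C INPUT -j $CHAIN 2>/dev/null || iptables -I INPUT -j $CHAIN"
}

# Constructed sample blocklist (documentation address ranges).
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' '# constructed sample' '192.0.2.10' '192.0.2.10' \
        '198.51.100.0/24   # whole network' 'example.org' '203.0.113.999' > "$tmp"
    emit_rules "$tmp"
    rm -f "$tmp"
}
demo
```

Hostnames are rejected on purpose: iptables would resolve them at load time, so the rule would depend on whatever DNS answered at that moment.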
