LinuxQuestions.org - How to ban a certain site to a certain IP in dansguardian?

There are a couple of ways to do this; the easiest one is an entry in /etc/hosts.deny:

Code:

ALL: 201.11.209.251

(The above is an actual address I've blocked because someone at that address attempted to break in.)

Another way is to create an entry for IPTABLES and block the entire domain (on the principle that if a domain permits this kind of activity, you don't want any traffic from that domain). Using the above bad actor address,

Code:

prompt: whois 201.11.209.251

(this returns a lot of stuff, but what you're interesting in is)

inetnum:    201.11/16

aut-num:    AS8167

abuse-c:    BTA17

owner:      Brasil Telecom S/A - Filial Distrito Federal

ownerid:    076.535.764/0326-90

responsible: Brasil Telecom S. A. - CNBRT

country:    BR

owner-c:    BTC14

tech-c:      BTC14

inetrev:    201.11.209/24

nserver:    ns03-cta.brasiltelecom.net.br 

nsstat:      20101121 AA

nslastaa:    20101121

nserver:    ns04-bsa.brasiltelecom.net.br 

nsstat:      20101121 AA

nslastaa:    20101121

created:    20040429

changed:    20040429

You create an entry using IPTABLES to forbid any system in that range with

Code:

sudo

prompt: iptables -A INPUT -s 201.11.209.0/24 -j DROP

By far, the easiest is the entry in /etc/hosts.deny (and either is effective).

If you have some number if IP addresses you wish to block, simply create a file containing entries for those address ranges:

Code:

iptables -A INPUT -s 212.156.0.0/16 -j DROP

iptables -A INPUT -s 212.156.0.0/17 -j DROP

Save those in a file, make the file executable (chmod 755 filename) and either execute manually after each system boot or execute it from the local start-up your system supports (in, for example, /etc/rc.d/rc.local or something similar).

Now, forwarding that to a particular server is a little more tricky depending upon how the forwarded server wants a message constructed (say, an e-mail?).

Hope this helps some.