banning an IP
I saw an IP address of someone that I do not recognize, and I want to ban that IP, but I don't see where to do that. I configured lokkit, and I have the stock firewall (btw I am using Red Hat 8.0). Can anyone tell me how to ban IPs or recommend a good firewall for RH8?
Thanks, Digsby |
Lokkit is based on netfilter (= iptables). netfilter is implemented in the linux kernel. There are no real firewalls besides netfilter since they all are just wrappers around netfilter.
To get more information, visit the homepage. You could then add a rule like that:
iptables -A INPUT -i eth0 -s xxx.xxx.xxx.xxx/32 -j DROP
|
but keep one thing in mind: if the person you ban doesn't have a static IP, every time s/he connects to the internet the IP will change and s/he can connect to you again
|
good point nakkaya... here's a question for one of you gurus:
Can you ban mac addresses? |
yes, there is a solution provided by Trd79 at a thread I've started
you can check http://www.linuxquestions.org/questi...threadid=50347 for the solution. It is quite primitive ( ;-) ) though, and needs a little bit of modification. But it works. Thanks to Trd79 for that. |
You CAN ban mac addresses but remember that this just works in a network WITHOUT routers since AFAIR the MAC gets rewritten once it passes a router. The mac address will then ban the router's MAC adr ...
|
you could drop their whole range of IPs. the dynamic IPs will probably fit in a certain range. dropping everything with the same first 3 numbers will probably do what you want. |
but then again, it will also probably affect someone else that's ok to connect to his computer... block ranges with caution
|
i'm just guessing that since he said it's an address he didn't recognize, that he's only letting a few specific people in anyway. He would probably be fine to deny all and have a list he permits. Assuming he's trying to deny all that he doesn't know. |
yeah, makes sense, but he might just be browsing through the logs, and doesn't like some access to some ports or something, and wants to ban that computer for good measure...
|
How would one be able to block a range of IPs? Say I wanted to block 12.34.*.*, how can this be done?
|
To block entire subnets like that:
If you wanted to block all of 12.x.x.x, it would be 12.0.0.0/8
12.34.x.x would be: 12.34.0.0/16
12.34.56.x would be 12.34.56.0/24
And to block one IP with that notation it would be 12.34.56.78/32
|
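The wildcard-to-CIDR mapping from the last reply, as an added example that is not part of the original thread: it converts a pattern such as 12.34.*.* to CIDR, reports how many addresses the rule would drop (the "block ranges with caution" point), and prints the rule without applying it. The function names wild_to_cidr, cidr_size and drop_rule are made up for this example; the rule format and eth0 are taken from the iptables line earlier in the thread.

```shell
#!/bin/sh
# Convert a trailing-wildcard pattern (12.34.*.* or 12.34.x.x) to CIDR.
# Prints the CIDR block; returns 1 if the pattern is not one CIDR block.
wild_to_cidr() {
    old_ifs=$IFS; IFS=.
    set -f                      # no glob expansion of the '*' octets
    set -- $1                   # split the pattern on dots
    set +f; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    prefix=0; net=""; seen_wild=0
    for octet in "$@"; do
        if [ "$octet" = "*" ] || [ "$octet" = "x" ]; then
            seen_wild=1; net="$net.0"
        else
            # a fixed octet after a wildcard (12.*.56.*) is not a single block
            [ "$seen_wild" -eq 0 ] || return 1
            # digits only, at most three, no leading zero
            case $octet in ''|*[!0-9]*|????*|0?*) return 1 ;; esac
            [ "$octet" -le 255 ] || return 1
            net="$net.$octet"; prefix=$((prefix + 8))
        fi
    done
    # refuse *.*.*.* : a /0 DROP rule would cut off every source address
    [ "$prefix" -gt 0 ] || return 1
    echo "${net#.}/$prefix"
}

# Number of addresses a CIDR block covers: 2^(32 - prefix length).
cidr_size() {
    echo $(( 1 << (32 - ${1##*/}) ))
}

# Print (do not run) the DROP rule in the form used earlier in the thread.
drop_rule() {
    cidr=$(wild_to_cidr "$1") || return 1
    echo "iptables -A INPUT -i eth0 -s $cidr -j DROP"
}

# Constructed sample patterns; the last one cannot be a single CIDR block.
for pat in '12.34.56.78' '12.34.56.*' '12.34.*.*' '12.*.56.*'; do
    if rule=$(drop_rule "$pat"); then
        size=$(cidr_size "$(wild_to_cidr "$pat")")
        echo "$rule   # covers $size addresses"
    else
        echo "rejected: $pat" >&2
    fi
done
```
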