LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-08-2003, 09:18 PM   #1
chrisknight
Member
 
Registered: Jan 2003
Location: ohio
Distribution: CentOS5.5, SmoothWall 3.0
Posts: 139

Rep: Reputation: 15
Question Block access by ip address on Smoothwall.


I have an apache web server and vsftpd server behind a smoothwall box.
I have noticed suspicious activity on my IDS logs and Iím wondering if there is a way to block that IP or range of IPís from accessing any service I am running.
 
Old 09-09-2003, 02:38 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 66
Take a look at the "services -> external service access" page.
 
Old 09-09-2003, 05:35 PM   #3
chrisknight
Member
 
Registered: Jan 2003
Location: ohio
Distribution: CentOS5.5, SmoothWall 3.0
Posts: 139

Original Poster
Rep: Reputation: 15
I understand that in 'external service access" you can define what ip addresses you want to grant access, and leave the space blank for "ALL".

I.E. Leave the space blank for port 80, and every IP gets access.
Define 65.25.25.25 for port 80 and only that IP gets access.

I want to do the opposite. I want to allow everyone but block specific IP or range of IP's.

I dont want to define who can get access.
I want to define who can't.
 
Old 09-13-2003, 08:03 AM   #4
chrisknight
Member
 
Registered: Jan 2003
Location: ohio
Distribution: CentOS5.5, SmoothWall 3.0
Posts: 139

Original Poster
Rep: Reputation: 15
I tried to do:
iptables -I INPUT -s 65.0.0.0/24 -j DROP
But it didnt work.
Im still getting hammered by this "ICMP PING CyberKit 2.2 Windows" from various IP's. 1-5 a minute consistently, even though I an dropping ICMP echo requests from the outside world.

This thread relates to this one:
http://www.linuxquestions.org/questi...threadid=89681
 
Old 09-13-2003, 12:23 PM   #5
chrisknight
Member
 
Registered: Jan 2003
Location: ohio
Distribution: CentOS5.5, SmoothWall 3.0
Posts: 139

Original Poster
Rep: Reputation: 15
This is really what I need I guess...

http://assets.smoothwall.net/assets/...figuration.png
 
Old 09-15-2003, 05:07 PM   #6
chrisknight
Member
 
Registered: Jan 2003
Location: ohio
Distribution: CentOS5.5, SmoothWall 3.0
Posts: 139

Original Poster
Rep: Reputation: 15
OK, found the answer.
This is if you wish to block an internet ip range from accessing anything from your IP.

edit /etc/rc.d/rc.firewall.up, and immediately after the line containing:
iptables -P OUTPUT ACCEPT
add this:
iptables -A INPUT -p all -s a.0.0.0/8 -j DROP
where a. is the range you want to block
like this:
iptables -A INPUT -p all -s 65.0.0.0/8 -j DROP

Last edited by chrisknight; 09-17-2003 at 07:42 AM.
 
Old 09-21-2003, 09:57 AM   #7
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 66
Sorry for the late reply - I have been on holiday for a week.

Good to see you got it working.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
block mac address Ammad Linux - General 1 09-11-2005 02:00 PM
block yahoo messenger by ip address gsr_kashyap Linux - Software 3 11-10-2004 01:13 AM
block ip address/hosts sohmc Linux - Security 3 09-19-2004 12:13 PM
Configure Smoothwall to block ping? chrisknight Linux - Software 10 09-15-2003 05:21 PM
how to change ip address of smoothwall bluemoon Linux - Networking 1 06-18-2003 12:16 AM


All times are GMT -5. The time now is 10:48 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration