Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 08-09-2006, 04:10 PM   #1
Registered: Mar 2006
Location: Oakville
Distribution: Mandrake
Posts: 37

Rep: Reputation: 15
firewall rule or host.allow

I have been watching my logs and I have some guy tryn to get at my DNS server, which I dont even have :| makes sense no? anyhow I want to block his whole class C address range.

How should I go about this, I have shorewall as my firewall which is working well right now. I see it dropping the packets but I dont want that in my logs anymore I just want to cut him off. Is there a rule in shorewall to deny all always, or should I just deny him in hosts.allow?

Old 08-09-2006, 04:51 PM   #2
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 379Reputation: 379Reputation: 379Reputation: 379
you could use a simple iptables command like (example):
iptables -I INPUT -s -j DROP
(replace with his actual subnet) this makes any incoming packets from the guy's subnet to get sent to DROP, without logging them...

Last edited by win32sux; 08-09-2006 at 04:53 PM.
Old 08-09-2006, 05:58 PM   #3
Registered: Mar 2006
Location: Oakville
Distribution: Mandrake
Posts: 37

Original Poster
Rep: Reputation: 15
ahhh thanks did the trick I am gonna do that for all the people that go after port 53 or the gnutella one.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
newbie - firewall rule danimalz Linux - Security 3 07-30-2005 08:25 AM
APF Firewall Rule Help embsupafly Linux - Security 1 03-09-2005 12:00 AM
is this firewall rule safe? melinda_sayang Linux - Security 1 12-21-2004 08:44 AM
Need A Firewall Rule linuxboy69 Linux - Software 1 11-26-2003 05:29 PM
how to drop all packets to one host with the default rule of accept dan5009 Linux - Security 1 08-20-2003 06:55 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:13 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration