LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-09-2006, 04:10 PM   #1
Super7
Member
 
Registered: Mar 2006
Location: Oakville
Distribution: Mandrake
Posts: 37

Rep: Reputation: 15
firewall rule or host.allow


I have been watching my logs and I have some guy tryn to get at my DNS server, which I dont even have :| makes sense no? anyhow I want to block his whole class C address range.

How should I go about this, I have shorewall as my firewall which is working well right now. I see it dropping the packets but I dont want that in my logs anymore I just want to cut him off. Is there a rule in shorewall to deny all always, or should I just deny him in hosts.allow?

Thanks
 
Old 08-09-2006, 04:51 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 379Reputation: 379Reputation: 379Reputation: 379
you could use a simple iptables command like (example):
Code:
iptables -I INPUT -s 200.200.200.200/24 -j DROP
(replace 200.200.200.200/24 with his actual subnet) this makes any incoming packets from the guy's subnet to get sent to DROP, without logging them...

Last edited by win32sux; 08-09-2006 at 04:53 PM.
 
Old 08-09-2006, 05:58 PM   #3
Super7
Member
 
Registered: Mar 2006
Location: Oakville
Distribution: Mandrake
Posts: 37

Original Poster
Rep: Reputation: 15
ahhh thanks did the trick I am gonna do that for all the people that go after port 53 or the gnutella one.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
newbie - firewall rule danimalz Linux - Security 3 07-30-2005 08:25 AM
APF Firewall Rule Help embsupafly Linux - Security 1 03-09-2005 12:00 AM
is this firewall rule safe? melinda_sayang Linux - Security 1 12-21-2004 08:44 AM
Need A Firewall Rule linuxboy69 Linux - Software 1 11-26-2003 05:29 PM
how to drop all packets to one host with the default rule of accept dan5009 Linux - Security 1 08-20-2003 06:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:13 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration