ipchains: add static IP global ban?

ifm · 08-25-2002, 12:20 PM

How would I add a single IP to ipchains to globally ban on every port on the system?

TruckStuff · 08-25-2002, 04:57 PM

ipchains -a input -p tcp -s a.b.c.d -j REJECT

and so on for each protocol. I'm not sure off the top of my head if you can use the -s switch without specifying the protocol, but you may be able to drop the "-p tcp".

sharper · 08-25-2002, 08:33 PM

Not sure about ipchains, but iptables accepts 'all' as a protocol so you only have to write the rule once.

And why use REJECT instead of DROP?

ifm · 08-25-2002, 11:49 PM

Thanks for the input. Figured it out.

I used:
ipchains -I input 20 -s 111.222.333.444 -j DROP

And it apparently did the trick. (the 20 is just what placement it got put, after other stuff, before other rejects, and obviously the IP is bogus here to protect the moronic).

Wouldn't have had to bother, if the dope wasn't pinging every port on the machine exactly every 5 minutes. What a F***up.