Thanks for the input. Figured it out.
I used:
ipchains -I input 20 -s 111.222.333.444 -j DROP
And it apparently did the trick. (the 20 is just what placement it got put, after other stuff, before other rejects, and obviously the IP is bogus here to protect the moronic).
Wouldn't have had to bother, if the dope wasn't pinging every port on the machine exactly every 5 minutes. What a F***up.
|