Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-16-2002, 06:55 PM   #1
LQ Newbie
Registered: Feb 2002
Distribution: RedHat 7
Posts: 1

Rep: Reputation: 0
Port 80 -- How to block from one specific domain? (RedHat 7.0)

Hello all...

I think what I need is some ipchains/firewall help. I'm a fairly experienced Linux user, but haven't done much with ipchains at all. I'm using RedHat 7.0.

Latley, I've been experiencing a strange problem in which my apache server is unreachable for 2-4 minutes, and then is fine again. This happens a few times per day. During the times it is going on, nmap shows the port as "filtered."

I finally caught it "in the act" today, and did a netstat, and found about a million connections on my port 80 from The screen just kept on scrolling with them. Now sure what they're doing or why, but I just want to block that domain from hitting my port 80.

In RedHat 7.0, what's the best way to do this? I assume I'll need an ipchains rule. I'm not sure what that rule would be, though. Also, I'm not sure where to put it so that it always runs at boot time (/etc/sysconfig/ipchains?).

Thanks in advance for any help you can offer.

Jeff C.
Old 02-17-2002, 04:50 PM   #2
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
(host has address
To block this domain, use rule:
/sbin/ipchains -A input -p tcp -i eth0 -s --destination-port 80 -j DENY

If RH 7.0 ipchains works like RH 7.1 iptables saves it's scripts it'll be saved at reboot time (IIRC), else you can use the ipchains-save script, else you can add the line to rc.local. Rc.local is a bad thing cuz if you manually reload rules it won't be taken into account. Rusty's old ipchains rpm package (again, IIRC) puts the firewall script in /etc/rc.d as rc.firewall, instead of using /etc/sysconfig.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
block specific users in squid alan.belizario Linux - Security 4 09-10-2005 12:43 AM
allow specific ip to browse the block site space_beyond Linux - Newbie 1 06-03-2005 10:15 AM
How to block specific IPs? cranium2004 Linux - Networking 3 04-01-2005 10:02 AM
How to hide and block a directory for a specific user hoolie_v Linux - Newbie 2 08-08-2004 08:14 AM
block specific ip addresses paperdiesel Linux - Security 3 07-21-2004 12:47 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:58 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration