Simplest way to block a single IP?
Eric F Crist
ecrist at adtechintegrated.com
Sun Apr 4 19:28:25 PDT 2004
On Sunday 04 April 2004 09:17 pm, H.Wade Minter wrote:
> I've got a system that's sending a ton of referral spam to websites on
> my RELENG_4_9 system. I'd like to block them from accessing my system
> at the TCP level. What's the best and easiest way to do this?
>
> I assume I'll need to recompile the kernel with IPFIREWALL or IPFILTER
> support, then set up some rules. Does anyone have a recommendation for
> a simple ruleset to block one particular IP?
>
> Thanks,
> Wade
If that's *really* all you want to do, set up your kernel config to
IPFIREWALL_DEFAULT_ACCEPT (or whatever it really is) and simply add a single
rule to your firewall script.

Add the following to your rc.conf file:

    firewall_enable="YES"
    firewall_script="/etc/localhost.firewall"

Create a file in /etc/ called localhost.firewall with the following text:

    ipfw -f flush
    ipfw add 100 deny all from <your_bad_ip_here> to me in via <oif>

where <oif> is the device name for your outside ethernet adapter. All of
that's on one line, btw.

Restart the system, and you should be good to go. Make SURE you have console
access when playing with firewall rules. Otherwise, you could block your ssh
access.

HTH
--
Eric F Crist
AdTech Integrated Systems, Inc
(612) 998-3588
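
Added example, not part of the original message: a small sh helper that prints the contents of the localhost.firewall file described above, after checking that the address is a plain IPv4 dotted quad and that it is not the address of the SSH session running the helper (the lockout case the reply warns about). The function names, the interface fxp0 and the 192.0.2.x / 198.51.100.x addresses are assumptions made for illustration; nothing here runs ipfw itself.

```sh
#!/bin/sh
# Added example. Prints the two-line firewall script; it does not call ipfw.

# is_ipv4 ADDR: succeed only for four decimal octets 0..255, no leading zeros.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                     # split on dots (input is digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# block_rule IP OIF: print the deny rule, or fail with 2 (bad input) or
# 3 (IP is the peer of the current SSH session).
block_rule() {
    bad_ip=$1; oif=$2
    is_ipv4 "$bad_ip" || { echo "not an IPv4 address: $bad_ip" >&2; return 2; }
    case "$oif" in
        ''|*[!A-Za-z0-9_]*) echo "bad interface name: $oif" >&2; return 2 ;;
    esac
    # sshd sets SSH_CLIENT to "client_ip client_port server_port".
    ssh_peer=${SSH_CLIENT:-}
    ssh_peer=${ssh_peer%% *}
    if [ -n "$ssh_peer" ] && [ "$ssh_peer" = "$bad_ip" ]; then
        echo "refusing: $bad_ip is the address of this SSH session" >&2
        return 3
    fi
    echo "ipfw add 100 deny all from $bad_ip to me in via $oif"
}

# firewall_script IP OIF: print the full contents for /etc/localhost.firewall.
firewall_script() {
    rule=$(block_rule "$1" "$2") || return $?
    printf '%s\n%s\n' 'ipfw -f flush' "$rule"
}

# Stand-alone use: sh thisfile 192.0.2.10 fxp0 > /etc/localhost.firewall
if [ "$#" -eq 2 ]; then
    firewall_script "$1" "$2"
fi
```

The SSH check only covers a session whose source address equals the blocked one; it does not replace having console access while changing rules.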