Block IP
Kevin D. Kinsey, DaleCo, S.P.
kdk at daleco.biz
Tue Nov 25 22:24:51 PST 2003
Cordula's Web wrote:
>>Can I block a certain IP address at the machine or interface level using
>>freebsd? (No at the Apache or Sendmail level).
>>
>>
>
>Quick and dirty fix:
>
># route add 1.2.3.4 127.0.0.1
>
>All ACKs to 1.2.3.4 would not be able to reach their destination,
>and no TCP connections could be established this way. Moreoever,
>no UDP or ICMP packets would reach the blocked IP address.
>
>You can also block a whole subnet this way.
>
>
>
That's a wonderful hack!
What about
all: 1.2.3.4 :deny
in /etc/hosts.allow?
Kevin Kinsey
DaleCo, S.P.
More information about the freebsd-questions
mailing list