Simplest way to block a single IP?

[JJB]

Kevin

I like your /etc/hosts.allow recommendation.

I have some scrip kids who target my web site just
to bump the visitor counter.

I read all the hosts.allow man pages but syntax
is still not clear.

If I understand things correctly, hosts.allow is enabled
all the time, but defaults to passing all tcp packets.

Are the following statements syntax correct

# all : all : all
httpd : .seed.tw : deny         #deny all from this domain
httpd : 80.0.0.0/8 : deny       #deny all from this domain
httpd : 67.20.132.43 : deny     #deny just this ip address
ftpd : 40.85.68.60 : deny       #deny just this ip address
all : all : all

-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Kevin D.
Kinsey, DaleCo, S.P.
Sent: Sunday, April 04, 2004 10:28 PM
To: H.Wade Minter
Cc: FreeBSD Mailing List
Subject: Re: Simplest way to block a single IP?

H.Wade Minter wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've got a system that's sending a ton of referral spam to
websites
> on my RELENG_4_9 system.  I'd like to block them from accessing
> my system at the TCP level.  What's the best and easiest way to do
this?
>
> I assume I'll need to recompile the kernel with IPFIREWALL or
> IPFILTER support, then set up some rules.  Does anyone have
> a recommendation for a simple ruleset to block one particular IP?
>
> Thanks,
> Wade


I have a better recommendation than that.

Since it's just one IP, have a look at /etc/hosts.allow.

The syntax and comments there should enlighten
you greatly as to what to do....

Then, sit back and smile && enjoy a beverage
as tcpwrappers sends this c*** to a "virtual"
oblivion ...

Kevin Kinsey
DaleCo, S.P.
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"