Simplest way to block a single IP?
Barbish3 at adelphia.net
Mon Apr 5 09:43:36 PDT 2004
I like your /etc/hosts.allow recommendation.
I have some scrip kids who target my web site just
to bump the visitor counter.
I read all the hosts.allow man pages but syntax
is still not clear.
If I understand things correctly, hosts.allow is enabled
all the time, but defaults to passing all tcp packets.
Are the following statements syntax correct
# all : all : all
httpd : .seed.tw : deny #deny all from this domain
httpd : 220.127.116.11/8 : deny #deny all from this domain
httpd : 18.104.22.168 : deny #deny just this ip address
ftpd : 22.214.171.124 : deny #deny just this ip address
all : all : all
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Kevin D.
Kinsey, DaleCo, S.P.
Sent: Sunday, April 04, 2004 10:28 PM
To: H.Wade Minter
Cc: FreeBSD Mailing List
Subject: Re: Simplest way to block a single IP?
H.Wade Minter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> I've got a system that's sending a ton of referral spam to
> on my RELENG_4_9 system. I'd like to block them from accessing
> my system at the TCP level. What's the best and easiest way to do
> I assume I'll need to recompile the kernel with IPFIREWALL or
> IPFILTER support, then set up some rules. Does anyone have
> a recommendation for a simple ruleset to block one particular IP?
I have a better recommendation than that.
Since it's just one IP, have a look at /etc/hosts.allow.
The syntax and comments there should enlighten
you greatly as to what to do....
Then, sit back and smile && enjoy a beverage
as tcpwrappers sends this c*** to a "virtual"
freebsd-questions at freebsd.org mailing list
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions