Date: Wed, 26 Nov 2003 00:24:53 -0600 From: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: cpghost@cordula.ws Cc: grant@thenetnow.com Subject: Re: Block IP Message-ID: <3FC44735.8080503@daleco.biz> In-Reply-To: <200311260058.hAQ0wu93048845@fw.farid-hajji.net> References: <00c001c3b3a9$9d7fa8e0$6401a8c0@grant> <200311260058.hAQ0wu93048845@fw.farid-hajji.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Cordula's Web wrote: >>Can I block a certain IP address at the machine or interface level using >>freebsd? (No at the Apache or Sendmail level). >> >> > >Quick and dirty fix: > ># route add 1.2.3.4 127.0.0.1 > >All ACKs to 1.2.3.4 would not be able to reach their destination, >and no TCP connections could be established this way. Moreoever, >no UDP or ICMP packets would reach the blocked IP address. > >You can also block a whole subnet this way. > > > That's a wonderful hack! What about all: 1.2.3.4 :deny in /etc/hosts.allow? Kevin Kinsey DaleCo, S.P.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FC44735.8080503>