Date: Sun, 4 Apr 2004 21:28:15 -0500
From: Eric F Crist <ecrist@adtechintegrated.com>
To: freebsd-questions@freebsd.org
Subject: Re: Simplest way to block a single IP?
Message-ID: <200404042128.23399.ecrist@adtechintegrated.com>
In-Reply-To: <5D4A40CA-86A7-11D8-991B-000A95A8D520@lunenburg.org>
References: <5D4A40CA-86A7-11D8-991B-000A95A8D520@lunenburg.org>

On Sunday 04 April 2004 09:17 pm, H.Wade Minter wrote:
> I've got a system that's sending a ton of referral spam to websites on
> my RELENG_4_9 system. I'd like to block them from accessing my system
> at the TCP level. What's the best and easiest way to do this?
>
> I assume I'll need to recompile the kernel with IPFIREWALL or IPFILTER
> support, then set up some rules. Does anyone have a recommendation for
> a simple ruleset to block one particular IP?
>
> Thanks,
> Wade

If that's *really* all you want to do, set up your kernel config to
IPFIREWALL_DEFAULT_ACCEPT (or whatever it really is) and simply add a
single rule to your firewall script.

Add the following to your rc.conf file:

firewall_enable="YES"
firewall_script="/etc/localhost.firewall"

Create a file in /etc/ called localhost.firewall with the following text:

ipfw -f flush
ipfw add 100 deny all from <your_bad_ip_here> to me in -->
via <oif>

where <oif> is the device name for your outside ethernet adapter. All of
that's on one line, btw.

Restart the system, and you should be good to go. Make SURE you have
console access when playing with firewall rules. Otherwise, you could
block your ssh access.

HTH
--
Eric F Crist
AdTech Integrated Systems, Inc
(612) 998-3588
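
Added example, not part of the message above or written by its author: a POSIX sh generator for the two-line /etc/localhost.firewall the reply describes. It validates the address and interface name before emitting the rules and refuses to block the address you administer the host from; the ADMIN_IP argument, the function names and all sample values are assumptions made for this example.

```shell
#!/bin/sh
# Prints the contents for /etc/localhost.firewall; it does not run ipfw.
# Addresses and interface name used below are constructed sample values.

# Succeed only for a dotted-quad IPv4 address with each octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                     # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # no leading zeros (octal ambiguity)
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_rules BAD_IP OIF ADMIN_IP
#   ADMIN_IP is a hypothetical extra argument (not in the original message):
#   the address you manage the host from, which must never be the one blocked.
gen_rules() {
    bad_ip=$1 oif=$2 admin_ip=$3
    valid_ipv4 "$bad_ip"   || { echo "invalid address: $bad_ip" >&2; return 1; }
    valid_ipv4 "$admin_ip" || { echo "invalid admin address: $admin_ip" >&2; return 1; }
    case "$oif" in
        ''|*[!A-Za-z0-9_]*) echo "invalid interface: $oif" >&2; return 1 ;;
    esac
    if [ "$bad_ip" = "$admin_ip" ]; then
        echo "refusing: $bad_ip is your own admin address" >&2
        return 1
    fi
    printf '%s\n' \
        "ipfw -f flush" \
        "ipfw add 100 deny all from $bad_ip to me in via $oif"
}

# Review the output, then save it as /etc/localhost.firewall.
gen_rules 192.0.2.45 fxp0 198.51.100.7
```

Because the script only prints the rules, the output can be checked at the console before the file is installed and the system restarted.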
