Date: Sun, 4 Apr 2004 21:28:15 -0500 From: Eric F Crist <ecrist@adtechintegrated.com> To: freebsd-questions@freebsd.org Subject: Re: Simplest way to block a single IP? Message-ID: <200404042128.23399.ecrist@adtechintegrated.com> In-Reply-To: <5D4A40CA-86A7-11D8-991B-000A95A8D520@lunenburg.org> References: <5D4A40CA-86A7-11D8-991B-000A95A8D520@lunenburg.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_HRMcAUBAv+9veHT Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 04 April 2004 09:17 pm, H.Wade Minter wrote: > I've got a system that's sending a ton of referral spam to websites on > my RELENG_4_9 system. I'd like to block them from accessing my system > at the TCP level. What's the best and easiest way to do this? > > I assume I'll need to recompile the kernel with IPFIREWALL or IPFILTER > support, then set up some rules. Does anyone have a recommendation for > a simple ruleset to block one particular IP? > > Thanks, > Wade If that's *really* all you want to do, setup your kernel config to=20 IPFIREWALL_DEFAULT_ACCEPT (or whatever it really is) and simply add a singl= e=20 rule to your firewall script. Add the following to your rc.conf file: firewall_enable=3D"YES" firewall_script=3D"/etc/localhost.firewall" create a file in /etc/ called localhost.firewall with the following text: ipfw -f flush ipfw add 100 deny all from <your_bad_ip_here> to me in --> via <oif> where <oif> is the device name for your outside ethernet adapter. all of=20 that's on one line, btw. restart the system, and you should be good to go. Make SURE you have conso= le=20 access when playing with firewall rules. Otherwise, you could block your s= sh=20 access. HTH =2D-=20 Eric F Crist AdTech Integrated Systems, Inc (612) 998-3588 --Boundary-02=_HRMcAUBAv+9veHT Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBAcMRHzdyDbTMRQIYRAh6GAJ0br5v8eX8Jom6Kd+NYJi3fzjIdLQCgrVES h4sIVneLdEtEAL6WJcSNst8= =OY4k -----END PGP SIGNATURE----- --Boundary-02=_HRMcAUBAv+9veHT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200404042128.23399.ecrist>