Date: Mon, 11 Oct 2004 19:09:14 +0900 From: Rob <spamrefuse@yahoo.com> To: pelle@spd.nu, freebsd-questions@freebsd.org Subject: Re: Adding network & IP to hosts.deny Message-ID: <416A5BCA.3020708@yahoo.com> In-Reply-To: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAArvdSa/sjb0OI1eLKLXuK1sKAAAAQAAAAnNdJfVuVREajW0jiKTPoYAEAAAAA@spd.nu> References: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAArvdSa/sjb0OI1eLKLXuK1sKAAAAQAAAAnNdJfVuVREajW0jiKTPoYAEAAAAA@spd.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
Pelle Andersson wrote: > Hi! > > I have a lot of login attempts from various networks and IP addresses > on my FBSD 4.10 server. I have read the man pages for hosts.deny but > do not understand how to add networks and IP addresses to it. > > Let's say I want to block the network address 192.168.100.0 and/or > the IP address 192.168.135.77. As far as I understood, the use of /etc/hosts.deny is (going to be?) depreciated. Instead use deny rules in /etc/hosts.allow. For example: ALL : 192.168.100.0 192.168.135.77 : deny This does: for all services that actually using the /etc/hosts.allow, it will deny all access by these two IP numbers. However, notice that there are services that do not use the hosts.allow, and those won't be affected. So if you want a full proof block of these IP numbers, you better make a firewall rule to deny their access. Rob.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?416A5BCA.3020708>