[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipchains-list
Subject:    Re: blacklisting IP addresses
From:       Justin Shore <listuser () neo ! pittstate ! edu>
Date:       2001-10-30 15:34:33
[Download RAW message or body]

I use Portsentry for this very purpose.  I simply used KILL_ROUTE in 
Portsentry to block the offending IP.

KILL_ROUTE="echo $TARGET$ >> /etc/firewall/ban.dat; /sbin/ipchains -I 
input -s $
TARGET$ -i eth0 -j DENY -l"



I also append the IP to a text file that my personal firewall reads 
at each restart.  That way a simple restart won't erase my Portsentry 
blacklist.  Simple.  Clean.  Free.

Justin
-- 

--
Justin Shore, ES-SS ES-SSR      Pittsburg State University
Network & Systems Manager       Kelce 157Q
Office of Information Systems   Pittsburg, KS 66762
Voice: (620) 235-4606           Fax: (620) 235-4545
http://www.pittstate.edu/ois/

Warning:  This message has been quadruple Rot13'ed for your protection.

[prev in list] [next in list] [prev in thread] [next in thread]