In the directory where PortSentry is installed is a file called
portsentry.ignore. Add the IPs you wanted ignore to this file, remove or
uncomment IP in /etc/hosts.deny and ipchains -D input -s $TARGET$ -j DENY -l
Kill and restart PortSentry!
----- Original Message -----
From: "Daniel Woods" <[EMAIL PROTECTED]>
To: "Expert Linux list" <[EMAIL PROTECTED]>
Sent: Thursday, August 31, 2000 10:24 PM
Subject: [expert] /sbin/route: delete problem
> I use PortSentry which works great, and helps to keep out
> the little buggers. Problem is that sometimes that bugger
> is me coming in from a new machine to test with. Once I do,
> that machine is now banned via
> /sbin/route add -host 1.2.3.4 reject
>
> How do I un-do the route command to allow access again ?
>
> The man page says to use 'route del -host 1.2.3.4', but
> that won't work "SIOCDELRT: No such process".
> I know that restarting portsentry will flush out the files and
> that rebooting will then that clear up *all* blocks.
> And obviously not what I want to do on a production server.
> I've had to manually create a banned file that does all the
> route commands after portsentry is restarted.
> What else, besides manually adding these hosts to rc.firewall ?
>
> BTW, I also recommend LogCheck at http://www.psionic.com
>
> Thanks... Dan.
>
>
>
