Hi Wayne, first save your current configuration in case of mishap! just set up an outbound filter as deny, protected interface, any protocol, use IP address, <the ip address you want to block>, netmask 255.255.255.255 to make it unique to that IP, and any address for the destination.
Leave everything else as default and it should work just fine. You can log attempts to access if you want, your ploeasure. If you need more just make another filter for each. If you have a block of IPs there are probably some tricky ways to use the netmask so that one filter can do many but the IPs have to be just so to fit the mask. Easy way to check the log to see if its doing what you want if you log the attempts is to go to the log folder and do a copy of the current syslog.txt and then paste it back. That way you can open it up without affecting the logger when it running. Have at it but do backup that config first... Jonny -- On Wed, 23 Feb 2000 15:16:37 wayne.ellyson wrote: >Send postings to: [EMAIL PROTECTED] >Access the list archives at: >http://www.gnatbox.com/gb-users/ >---------------------------------- > > >What is the best way to deny access to the internet for individual IP >addresses? I assume it would be an outbound filter, but how should the >filter be configured? > >Thanks, >Wayne > > >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message > --== Sent via Deja.com http://www.deja.com/ ==-- Share what you know. Learn what you don't.
