[Leaf-user] Traffic blocking script

Wed, 20 Jun 2001 13:16:23 -0700 

Greetings all:
    I'm putting together a small script that I can use
to block certain types of traffic. In it, I have a
number ipchains commands that block traffic coming in
or leaving on a particular port. (I'm trying to block
streaming audio/video traffic from my WAN at the
firewall). When I attempt to run this script, I get
numerous "not found" errors. Here's a copy of the
file:

# !/bin/sh
#
# File: /etc/init.d/block.sh
# 
# Script file to block unwanted traffic from entering
protected network
#

#######################################################################
# SECTION 1 - SETUP
#######################################################################

# Run after other network services/configurations are
run
RCDLINKS="2,S49"

#######################################################################
# SECTION 2 - TRAFFIC BLOCKS
#######################################################################

# Block RealPlayer{tm} content
/sbin/ipchains -I input -j DENY -p tcp -s 0/0 7070 -d
0/0 -i eth1
/sbin/ipchains -I input -j DENY -p tcp -s 0/0 554 -d
0/0 -i eth1
/sbin/ipchains -I input -j DENY -p udp -s 0/0
6970:7170 -d 0/0 -i eth0

# Block Windows Media Services{tm}
/sbin/ipchains -I input -j DENY -p tcp -s 0/0 1755 -d
0/0 -i eth1

# Block Napster{tm}
/sbin/ipchains -I input -j DENY -p tcp -s 0/0 6699 -d
0/0 -i eth1
/sbin/ipchains -I input -j DENY -p tcp -s 0/0 6699 -d
0/0 -i eth0

# Block Shoutcast Media{tm}
# These ports are a guess, based upon observation. I
haven't been
# able to find where Shoutcast publishes the actual
port numbers.
/sbin/ipchains -I input -j DENY -p tcp -s 0/0
8000:8050 -d 0/0 -i eth0

# Block iBEAM broadcasts
/sbin/ipchains -I input -j DENY -p tcp -s 0/0 1457 -d
0/0 -i eth1


TIA,
Rich

=====
---------------------------------------------------------
| Richard J. Lohman        | If you always do what you've |
| Net. Engr./Asst Director | always done, you'll always   |
| Data Processing Dept.    | get what you've always       |
| Porter County, IN        | got.                         |
 ---------------------------------------------------------

__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user

Reply via email to