it would be safer if you reverse your rules instead.. like deny everything else then only allow specific ip's that may use the firewall/gateway... just in case if you have people running windows95/98 and the likes that can easily modify their ip numbers or add gateways..
>From: Jessie Evangelista <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: Re: [plug] blocking a specific ip address >Date: Tue, 07 May 2002 16:18:35 -0800 > >john Paul Tomas wrote: > >>Good day to all, >> >>Anybody can give me an idea on how to block a specific ip address? >>I put this line on my rc.local >> ipchains -A forward -j MASQ -s 192.168.0.0/16 -d 0.0.0.0/0 >> >>Now I wanna block a specific ip on all services. like 192.168.2.200 >> >> >>thanks >> >> >Hi Mr Tomas, > >if my guess is correct, you can put > >ipchains -A REJECT -s 192.168.2.200/255 -d 0.0.0.0/0 > >above the line containing your forward everything command =) > > > > >-- > > >============================================================ >Jessie Evangelista<[EMAIL PROTECTED]> >Developer, SMetrix Inc. ,Philippines >Tel no.: +6328438064 >============================================================ > > > >_ >Philippine Linux Users Group. Web site and archives at >http://plug.linux.org.ph >To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > >To subscribe to the Linux Newbies' List: send "subscribe" in the body to >[EMAIL PROTECTED] _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
