-----Original Message----- From: Tom Eastep [mailto:[email protected]] Sent: Monday, 9 August 2010 11:28 PM To: [email protected] Subject: Re: [Shorewall-users] connection rejection
On 8/9/10 8:17 AM, Vieri Di Paola wrote: > > > --- On Mon, 8/9/10, Tom Eastep <[email protected]> wrote: > >> Shorewall blacklisting blacklists the SOURCE address, not the >> DESTINATION address. From the 'show connections' output, the original >> connection was TO 123.123.123.123, not FROM that host. >> >> So after blacklisting that IP, you can still connect to it. > > Thanks. > Is there a way to "dynamically" blacklist a destination address? (and > "de-blacklist" it) No. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ Although at Linux command line you could do: sudo ip route add blackhole 123.123.123.123 And remove it with: sudo ip route del blackhole 123.123.123.123 Kind regards, Trent O'Callaghan ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
