Andrew Lietzow
2002-Dec-05 13:50 UTC
[Shorewall-users] Simple Question - How to block certain IP''s
Dear Shorewall wizards, I have noticed in my netwatch log access by several IP addresses that are supposedly making requests to my ftp server. I don''t want to disallow all access, but I do want to block anyone that is not an allowed user. I made an entry in /etc/policy like this: XXX.XXX.XXX.XXX all DROP info but the system pukes on syntax. IF I could block them from using FTP only, that would be even better. Anyone able or willing to shed some light on this? Incidentally, anyone know anything about club-internet.fr or interbusiness.it ? TIA, -- Andrew Lietzow The ACL Group, Inc.
Tom Eastep
2002-Dec-05 15:08 UTC
[Shorewall-users] Simple Question - How to block certain IP''s
--On Thursday, December 05, 2002 07:50:16 AM -0600 Andrew Lietzow <andrewl@theaclgroup.com> wrote:> Dear Shorewall wizards, > > I have noticed in my netwatch log access by several IP addresses that are > supposedly making requests to my ftp server. I don''t want to disallow > all access, but I do want to block anyone that is not an allowed user. > > I made an entry in /etc/policy like this: > XXX.XXX.XXX.XXX all DROP info > but the system pukes on syntax. > > IF I could block them from using FTP only, that would be even better. > > Anyone able or willing to shed some light on this? >You can add entries in either the blacklist file or the rules file to do what you want. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net