On Saturday 08 October 2005 08:27 pm, James Gibbon wrote:

> if I try to block the aforementioned SOB's ip address on the filter
> table (when -t isn't specified it is supposed to go to the filter
> table):
>
> # iptables -A INPUT -s 123.45.67.89 <http://123.45.67.89> -j DROP
>
> I get:
>
> iptables: No chain/target/match by that name

Just leave out the "<http://...>" part to block everything coming in from that IP, no matter what its destination is.

> but iptables is already installed. hmmm. what next? any ideas?

If you've gotten as far as iptables complaining about the rule, it's installed, the module is loaded, and there's no conflicting packetfilter stuff around. It's working, in other words -- all you have to do is get the syntax right, and it'll start filtering.

'iptables -n -L' will show you what chains and rules are there (the -n turns off DNS lookup). 'iptables -nv -L' will tell you which rules have been matched and how many times.

I can't say what to do about boot startup. I'm writing a big shell script, and I'm just going to start that.

Firewalling, of course, is a huge subject. If that's what you're trying to do, you're going to have to get a big thick book and read it. If all you want is to stomp a few spammers, you won't need much more than that one command: 'iptables -A INPUT -s <spammerIP> -j DROP'.

--
Glenn English
[EMAIL PROTECTED]
GPG ID: D0D7FF20
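The rule from this thread with the pasted address cleaned up before it reaches iptables, as an added example that is not part of the original message. The function names `clean_ipv4` and `block_ip` are hypothetical, rejecting octets with leading zeros is a choice made here, and `iptables -C` assumes iptables 1.4.11 or later.

```shell
#!/bin/sh
# Added example: strip mail-client autolink residue from an address, validate
# it, then append the DROP rule from the thread only if it is not there yet.

# clean_ipv4 TEXT: print a bare dotted quad, or return 1 if TEXT has none.
clean_ipv4() {
    ip=${1%%[ <]*}                    # drop everything from the first space or '<'
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray characters, bad dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                        # split into octets (digits and dots only)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*) return 1 ;; esac   # avoid octal-looking octets
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s\n' "$ip"
}

# block_ip TEXT: add 'INPUT -s <ip> -j DROP' once. Needs root.
block_ip() {
    addr=$(clean_ipv4 "$1") || { echo "not an IPv4 address: $1" >&2; return 1; }
    if iptables -C INPUT -s "$addr" -j DROP 2>/dev/null; then
        echo "already blocked: $addr"
    else
        iptables -A INPUT -s "$addr" -j DROP && echo "blocked: $addr"
    fi
}

# Usage: sh block.sh '123.45.67.89 <http://123.45.67.89>' ...
status=0
for arg in "$@"; do
    block_ip "$arg" || status=1
done
# Show packet counters for the INPUT chain after changes (-n: no DNS lookups).
if [ $# -gt 0 ]; then
    iptables -nv -L INPUT
fi
```

Rules added this way last only until the next reboot or flush, so the script has to be run again at startup.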