How to block a range of IP's with system-config-securitylevel-tui?
Cassius V. de Magalhaes
cviniciusm at terra.com.br
Wed Nov 24 13:34:04 UTC 2004
> Am Mi, den 24.11.2004 schrieb Vinicius um 12:47:
>
> > how to block a range of IP's with system-config-securitylevel-tui,
> > please?
> >
> > TIA, Vinicius.
> >
> > ______________________________________________________________________
> This is not supported by the tool.
>
> You could manually add something like this to the netfilter
> configuration using iptables:
>
> iptables -I INPUT -i $YOUR_INPUT_INTERFACE -p tcp -m tcp -s $IP/$NET -j
> REJECT --reject-with icmp-port-unreachable
>
> "service iptables save" will store the changed setup in
> /etc/sysconfig/iptables. The range in the example above is made by the
> CIDR notation, like 192.168.0.0/24 for 192.168.0.0-192.168.0.255.
>
> Alexander
Does $YOUR_INPUT_INTERFACE is eth0 for example?
The iptables -L doesn't show any interface, only "RH-Firewall-1-INPUT"
as the "target" field.
I have tryed the command under with $YOUR_INPUT_INTERFACE set up to
RH-Firewall-1-INPUT, but it showed "interface name
`RH-Firewall-1-INPUT' must be shorter than IFNAMSIZ (15)".
What´s I'm doing wrong, please?
TIA, Vinicius.
More information about the fedora-list
mailing list