On Wed, 4 May 2005, Zero One wrote:
> I want to block an IP address on my system. I did http_access deny, but
> the client is entering a URL address of 65550 bytes and it brings down my
> system, and this request comes 10 times in a second.
>
> Please suggest what to do and how I can block this client using
> iptables by prerouting.

What to do:

Use firewalling (iptables) to shield this client off from using the Internet
until the malware (virus/worm/trojan/whatever) has been removed from it.

If you run transparent interception:

  iptables -t nat -I PREROUTING 1 -s ip.of.bad.client -j DROP

If you run as a normal proxy:

  iptables -I INPUT 1 -s ip.of.bad.client -j DROP

(the rule above also works but has the side effect of activating NAT
support in the kernel, which you maybe don't want to do on a normal proxy)

A number of other alternatives in the same spirit are also possible.

Regards
Henrik
Received on Mon May 16 2005 - 00:49:31 MDT
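
Finding which address to put in place of ip.of.bad.client, as an added example that is not part of the original message: the script flags clients that send many oversized URLs within one second and prints (does not run) the INPUT rule for review. It assumes Squid's native access.log format; the function names, thresholds and log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag clients in a Squid native-format
# access.log that send many oversized URLs per second, then print DROP rules.

# find_flooders MAX_URL_LEN MIN_PER_SEC < access.log
# Native log fields used: $1=epoch.ms  $3=client address  $7=URL
find_flooders() {
    awk -v max="$1" -v rate="$2" '
        length($7) > max {
            split($1, t, ".")            # t[1] = whole second of the request
            key = $3 SUBSEP t[1]         # one bucket per client per second
            if (++hits[key] >= rate) bad[$3] = 1
        }
        END { for (ip in bad) print ip }
    ' | sort
}

# print_rules: read client addresses on stdin, print one rule each.
# The rule is only printed so an admin can review it before applying it.
print_rules() {
    while read -r ip; do
        # Accept only digits and dots so log content cannot smuggle options.
        case "$ip" in
            *[!0-9.]*|"") echo "skipping odd address: $ip" >&2; continue ;;
        esac
        printf 'iptables -I INPUT 1 -s %s -j DROP\n' "$ip"
    done
}

# sample_log: constructed log lines (documentation addresses, short stand-in
# for the 65550-byte URLs so the sample stays readable).
sample_log() {
    long=$(awk 'BEGIN { while (i++ < 300) printf "A" }')
    for ms in 100 200 300 400; do
        printf '1115190000.%s 5 192.0.2.10 TCP_DENIED/403 1500 GET http://example.invalid/%s - NONE/- text/html\n' "$ms" "$long"
    done
    printf '1115190000.500 40 192.0.2.20 TCP_MISS/200 900 GET http://example.invalid/index.html - DIRECT/198.51.100.5 text/html\n'
    printf '1115190007.100 5 192.0.2.30 TCP_DENIED/403 1500 GET http://example.invalid/%s - NONE/- text/html\n' "$long"
}

# Flag clients with 3 or more URLs longer than 256 bytes in any one second.
sample_log | find_flooders 256 3 | print_rules
```

On a real proxy, feed the access.log to find_flooders with a URL-length threshold well above anything legitimate clients send.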