Dear listener,
Nigel Gaylard wrote:
Hi All
I would like to create a list of IP address's that should be denied all access to my server. I have currently 2 or 3 people making a deliberate effort to hack into my SSH port, and so I would like to deny them access to it at firewall level, as well as all other ports. I can't seem to find information in the Suse documentation on firewall2.
if you dont like overkill maybe this is what you want: create /etc/sysconfig/scripts/SuSEfirewall2-custom with content fw_custom_before_denyall () { EVIL_SRC_1=192.168.1.245/32 EVIL_SRC_2=192.168.1.246/32 iptables -I INPUT --source $EVIL_SRC_1 -j DROP iptables -I INPUT --source $EVIL_SRC_2 -j DROP } change it to fit your needs and remove comment in the last line of /etc/sysconfig/SuSEfirewall2 like FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom" then stop and start firewall (i dont know another way) Luck Stefan