It works,
How can I also log these drops???
----- Original Message -----
From: "Peer Stefan"
From: Andrei Bintintan [mailto:klodoma@ar-sd.net]
Hi,
I'm getting some strange logs, in the apache access file from some IP's.
How can I make a "blacklist" with apache so that I reject this specific IP from the webserver???
It's more convenient to do this with ip filters.
I'm wondering for the same thing in the Suse Firewall. How can I make a blacklist for the suse firewall???
Sure - edit /etc/sysconfig/SuSEfirewall2 and enable FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom" Edit /etc/sysconfig/scripts/SuSEfirewall2-custom and add the following to the "fw_custom_before_antispoofing()"-section BLACKLIST="A.B.C.D E.F.G.H X.Y.Z.0/24" for net in $BLACKLIST; do iptables -A INPUT -s $net -j DROP done
This blacklist could be a simple IP list or ... maybe something more advanced can be made???
Andy.
Cheers, Stefan -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here