Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] reject an IP with Apache2 and Suse Firewall.
  • From: "Peer Stefan" <stefan.peer@xxxxxxxx>
  • Date: Mon, 14 Mar 2005 11:32:12 +0100
  • Message-id: <01B66D0A11EB3E439676C0EAA891D89FC1519E@xxxxxxxxxxxxxxx>
Hi,

> From: Andrei Bintintan [mailto:klodoma@xxxxxxxxx]
>
> Hi,
>
> I'm getting some strange logs, in the apache access file from
> some IP's.
>
> How can I make a "blacklist" with apache so that I reject
> this specific IP from the webserver???

It's more convenient to do this with ip filters.

> I'm wondering for the same thing in the Suse Firewall. How
> can I make a blacklist for the suse firewall???

Sure - edit /etc/sysconfig/SuSEfirewall2 and enable
FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"

Edit /etc/sysconfig/scripts/SuSEfirewall2-custom and add the following
to the "fw_custom_before_antispoofing()"-section

BLACKLIST="A.B.C.D E.F.G.H X.Y.Z.0/24"
for net in $BLACKLIST; do
iptables -A INPUT -s $net -j DROP
done

> This blacklist could be a simple IP list or ... maybe
> something more advanced can be made???
>
>
> Andy.

Cheers,
Stefan

< Previous Next >
Follow Ups