Adding network & IP to hosts.deny
Rob
spamrefuse at yahoo.com
Mon Oct 11 03:09:16 PDT 2004
Pelle Andersson wrote:
> Hi!
>
> I have a lot of login attempts from various networks and IP addresses
> on my FBSD 4.10 server. I have read the man pages for hosts.deny but
> do not understand how to add networks and IP addresses to it.
>
> Let's say I want to block the network address 192.168.100.0 and/or
> the IP address 192.168.135.77.
As far as I understood, the use of /etc/hosts.deny is (going to be?)
depreciated. Instead use deny rules in /etc/hosts.allow.
For example:
ALL : 192.168.100.0 192.168.135.77 : deny
This does: for all services that actually using the /etc/hosts.allow,
it will deny all access by these two IP numbers.
However, notice that there are services that do not use the hosts.allow,
and those won't be affected. So if you want a full proof block of these
IP numbers, you better make a firewall rule to deny their access.
Rob.
More information about the freebsd-questions
mailing list