|
|
Re: [Lug-bg] iptables blocklist
- Subject: Re: [Lug-bg] iptables blocklist
- From: Georgi Chorbadzhiyski <gf@xxxxxxxxxxx>
- Date: Mon, 03 Sep 2007 11:35:27 +0300
- Cc: Linux Users Group - Bulgaria <lug-bg@xxxxxxxxxxxxxxxxxx>
- Organization: Unix Solutions Ltd. (http://unixsol.org)
Around 09/03/07 11:23, boikov@xxxxxxxxx scribbled:
> Hi,
>
> можеш да използваш и iproute2
>
> [root@masq-gw]# ip route add prohibit 209.10.26.51
> [root@tristan]# ssh 209.10.26.51
> ssh: connect to address 209.10.26.51 port 22: No route to host
> [root@masq-gw]# tcpdump -nnq -i eth2
> tcpdump: listening on eth2
> 22:13:13.740406 192.168.99.35.51973 > 209.10.26.51.22: tcp 0 (DF)
> 22:13:13.740714 192.168.99.254 > 192.168.99.35: icmp: host
> 209.10.26.51 unreachable - admin prohibited filter [tos 0xc0]
>
> http://linux-ip.net/html/tools-ip-route.html
Още по-готино, защото заема много по-малко ресурс от iptables
решението.
--
Georgi Chorbadzhiyski
http://georgi.unixsol.org/
_______________________________________________
Lug-bg mailing list
Lug-bg@xxxxxxxxxxxxxxxxxx
http://linux-bulgaria.org/mailman/listinfo/lug-bg
|
|
|