BAN an IP..

[Gentoo_boy]

I've got 2 noob questions..

1) How to BAN someone's IP forever using "hosts.deny"?
2) Is there any other way to BAN an IP forever(using apache)?



please answer me.. any idea/tips would be just great..
Thanks in advance

[tycho1983]

just create a kernel firewall rule ....

[Gentoo_boy]

[Evil Dark Archon]

you could always use the firewall module of webmin (emerge webmin if you don't have it). but there are quite a few iptables front-ends in portage, just browse the net-firewall directory of portage, just beware that some of them are old and might not compile.
_________________
This post has been over explained for newb-informing purposes.

Registered Linux user 347334
Abit AV8-3rd eye, AMD Athlon64 3500+ 90nm, ATI Radeon x850 pro

[Gentoo_boy]

I never heared abt webmin, will try though.. thanks for the information.
Btw, do you guys think that 'host.deny' is less powerful to BAN an IP?

I've tried 'host.deny'(ALL: IP_ADDRESS), it doesn't seems to be working for me.. Could anyone tell me whats wrong with it?

[abali]

/etc/hosts.{deny,allow} are taken into account only by applications that use the so-called TCP wrapper (sys-apps/tcp-wrappers). Apache is not a such an application, while openssh (and all other packages that recognize the "tcpd" USE flag) are. Therefore to ban an IP for all applications regardless whether they use the TCP wrapper or not, you'll have to use kernel-level firewall rules. Such rules can be entered using the "iptables" program that has a great two-part tutorial in the "Documentation, tips & tricks" section of this forum. To simply block all incoming packets from a specific IP, you'd have to use the following command (provided you have all the prerequisites installed):

[ignarus]

doesn't this cause alot of overhead/danger for kernel packet routing ?? I had thought about doing this, but I'm afraid I'll crash my own system when addresses that'll be dropped get put in the input table over time

[MrUlterior]