[WBEL-users] Block IP Address
Vincent.Raffensberger@dtn.com
Vincent.Raffensberger@dtn.com
Sat, 1 May 2004 23:46:26 -0500
This is a multipart message in MIME format.
--=_alternative 001A39A986256E88_=
Content-Type: text/plain; charset="US-ASCII"
I don't think there's a solid answer to that question. It just depends on
the situation and your preference. Regarding portability, blackholing is
commonplace on Sun systems.
If you already have iptables/ ipchains running and need to block an
address(s), you may as well use iptables.
If you're not using iptables and need to block an address, a blackhole
route is quick and easy.
You can easily make it temporary with an at job:
at 6am Saturday
at> route delete -host 1.2.3.4
Michael Torrie <torriem@chem.byu.edu>
Sent by: whitebox-users-admin@beau.org
05/01/2004 04:05 PM
To
whitebox-users@beau.org
cc
Subject
Re: [WBEL-users] Block IP Address
On Fri, 2004-04-30 at 18:53, Richard Swift wrote:
> I really appreciate the help from all. How would I go about checking if
a
> reject route already exists?
>
> When I do a man on ROUTE one of the examples is :
> route add -net 10.0.0.0 netmask 255.0.0.0 reject
>
>
> I don't want to change the state if it is already configured.
Forgive my ignorance, but when should a route be rejected as apposed to
just using iptables to drop a host or range of hosts? Portability is
one aspect, I imagine.
Michael
>
>
> Richard Swift
> 678.524.7582
> _______________________________________________
> Whitebox-users mailing list
> Whitebox-users@beau.org
> http://beau.org/mailman/listinfo/whitebox-users
--
Michael Torrie <torriem@chem.byu.edu>
_______________________________________________
Whitebox-users mailing list
Whitebox-users@beau.org
http://beau.org/mailman/listinfo/whitebox-users
--=_alternative 001A39A986256E88_=
Content-Type: text/html; charset="US-ASCII"
<br><font size=2 face="sans-serif">I don't think there's a solid answer
to that question. It just depends on the situation and your preference.
Regarding portability, blackholing is commonplace on Sun systems.</font>
<br>
<br><font size=2 face="sans-serif">If you already have iptables/ ipchains
running and need to block an address(s), you may as well use iptables.</font>
<br><font size=2 face="sans-serif">If you're not using iptables and need
to block an address, a blackhole route is quick and easy.</font>
<br>
<br><font size=2 face="sans-serif">You can easily make it temporary with
an at job:</font>
<br>
<br><font size=2 face="sans-serif">at 6am Saturday</font>
<br><font size=2 face="sans-serif">at> route delete -host 1.2.3.4</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Michael Torrie <torriem@chem.byu.edu></b>
</font>
<br><font size=1 face="sans-serif">Sent by: whitebox-users-admin@beau.org</font>
<p><font size=1 face="sans-serif">05/01/2004 04:05 PM</font>
<td width=59%>
<table width=100%>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td valign=top><font size=1 face="sans-serif">whitebox-users@beau.org</font>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td valign=top>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td valign=top><font size=1 face="sans-serif">Re: [WBEL-users] Block IP
Address</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><font size=2><tt>On Fri, 2004-04-30 at 18:53, Richard Swift wrote:<br>
> I really appreciate the help from all. How would I go about
checking if a<br>
> reject route already exists?<br>
> <br>
> When I do a man on ROUTE one of the examples is :<br>
> route add -net 10.0.0.0 netmask 255.0.0.0 reject<br>
> <br>
> <br>
> I don't want to change the state if it is already configured.<br>
<br>
Forgive my ignorance, but when should a route be rejected as apposed to<br>
just using iptables to drop a host or range of hosts? Portability
is<br>
one aspect, I imagine.<br>
<br>
Michael<br>
<br>
<br>
> <br>
> <br>
> Richard Swift<br>
> 678.524.7582<br>
> _______________________________________________<br>
> Whitebox-users mailing list<br>
> Whitebox-users@beau.org<br>
> http://beau.org/mailman/listinfo/whitebox-users<br>
-- <br>
Michael Torrie <torriem@chem.byu.edu><br>
_______________________________________________<br>
Whitebox-users mailing list<br>
Whitebox-users@beau.org<br>
http://beau.org/mailman/listinfo/whitebox-users<br>
</tt></font>
<br>
--=_alternative 001A39A986256E88_=--