[Firewall] Hi

Eli Wapniarski eli at orbsky.homelinux.org
Mon Jul 7 05:49:17 CEST 2014


Thanks for responding Lonnie

Correct me if I'm wrong, the block hosts file will block everybody won't it?? 
Actually, the hard work that I did was to google it. lol???

Eli

On Sunday 06 July 2014 22:14:01 Lonnie Abelbeck wrote:
> Eli,
> 
> If you are not already using the BLOCK_HOSTS_FILE, enable it in
> firewall.conf: --
> BLOCK_HOSTS_FILE="/etc/arno-iptables-firewall/blocked-hosts"
> --
> 
> Then run this **untested** script via cron every day or so...
> 
> ---- cron script ----
> #!/bin/sh
> 
> BLOCK_HOSTS_FILE="/etc/arno-iptables-firewall/blocked-hosts"
> 
> (
>   for ip in $(whois -h whois.radb.net '!gAS32934' | grep '/'); do
>     echo "$ip"
>   done
> ) > "$BLOCK_HOSTS_FILE"
> 
> arno-iptables-firewall force-reload
> ----
> 
> You did the hard work with the 'whois' :-)
> 
> Lonnie
> 
> On Jul 6, 2014, at 7:22 AM, Eli Wapniarski wrote:
> > I was wondering if anyone can help.
> > 
> > I probably need to write a custom rule to block facebook access from a
> > specific ip address on my internal network. I am having a weird problem
> > that where the launcher for an mmorpg game on that computer first runs,
> > it tries to access facebook and then crashes. If access to facebook is
> > blocked, then the launcher and the game works just fine. The developers
> > have been alerted and they are working on a fix.
> > 
> > In the meantime, I need to have a rule in place to block all of facebooks
> > ips.
> > 
> > 
> > I've found a script, which does work, but it would be cool if I could turn
> > this into a custom rule for arnos-iptables-firewall. The script follows
> > 
> > for ip in `whois -h whois.radb.net '!gAS32934' | grep /`; do   iptables -A
> > OUTPUT  -p all -d $ip -s internal.host.ip.address -j DROP; done
> > 
> > Thanks
> 
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl



More information about the Firewall mailing list