Re: Blocking incoming IP address immediately
From: Tim Haynes (usenet-20041130_at_stirfried.vegetable.org.uk)
Date: 11/30/04
- Previous message: Darren Tucker: "Re: My Linux server got hacked last night -- please help!"
- In reply to: Bill Unruh: "Re: Blocking incoming IP address immediately"
- Next in thread: Nico Declerck: "Re: Blocking incoming IP address immediately"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Nov 2004 10:20:05 +0000
unruh@string.physics.ubc.ca (Bill Unruh) writes:
[snip]
> ]Well, there is a problem with downing the entire interface. This is a
> ]game server with 30+ users on it most all the time. I need to be able to
> ]block a single user on the fly without effecting the "good guys".
>
> It is an iptables issue. IPtables could be brought down and up, rather than
> the interface (which would not do much).
Wrong. Downing the interface will terminate all connections on it - this
being why you *must* do the `service network restart' within nohup or
screen's control.
Restart iptables may lead to the current rule-set being saved into
/etc/sysconfig/, all rules blanked, and then being reinstated. There is
definitely no point in that.
~Tim
-- Seinn, Seinn, Seinn |piglet@stirfried.vegetable.org.uk Oran ur, oran an uir |http://spodzone.org.uk/
- application/pgp-signature attachment: stored
- Previous message: Darren Tucker: "Re: My Linux server got hacked last night -- please help!"
- In reply to: Bill Unruh: "Re: Blocking incoming IP address immediately"
- Next in thread: Nico Declerck: "Re: Blocking incoming IP address immediately"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
