10-21-2009, 07:44 AM
IP 'Blocking' in Debian Linux; Ghetto Style.
By iintens - the iintens blog
This is a neat little trick I learned a while back from my good friend bsdpunk - It's a
quick and easy way to 'block' IP addresses on Debian Linux - This also works on debian-based distributions (Ubuntu.etc).
route add -host <offending-ip> netmask 0.0.0.0 lo
This is in no way a good permanent solution for blocking IP addresses, the data sent from the offending IP still reaches where it's supposed to, the applicatoin attached to that port (if any) still processes the packets and replies to them (if that's what it is supposed to do) but instead of being pushed to the destination IP they are just sent through the loopback interface (it basically eats the packets).
Enjoyed this, read more awesome crap at http://blog.iintens.org
By iintens - the iintens blog
This is a neat little trick I learned a while back from my good friend bsdpunk - It's a
quick and easy way to 'block' IP addresses on Debian Linux - This also works on debian-based distributions (Ubuntu.etc).
route add -host <offending-ip> netmask 0.0.0.0 lo
This is in no way a good permanent solution for blocking IP addresses, the data sent from the offending IP still reaches where it's supposed to, the applicatoin attached to that port (if any) still processes the packets and replies to them (if that's what it is supposed to do) but instead of being pushed to the destination IP they are just sent through the loopback interface (it basically eats the packets).
Enjoyed this, read more awesome crap at http://blog.iintens.org