Drop the Current Established Connections

Drop the Current Established Connections

[bright true]

Hello , 

i want to know the right way of blocking an ip and drop the current Established 

connections from that ip 

Thanks

Re: Drop the Current Established Connections

[Taylor, Grant]

iptables -t filter -I INPUT -s ${IPAddress} -j DROP
#iptables -t filter -I INPUT -d ${IPAddress} -j DROP

iptables -t filter -I FORWARD -s ${IPAddress} -j DROP
iptables -t filter -I FORWARD -d ${IPAddress} -j DROP

#iptables -t filter -I OUTPUT -s ${IPAddress} -j DROP
iptables -t filter -I OUTPUT -d ${IPAddress} -j DROP

This should rather abruptly take care of it for you.  The two lines that I commented out should arguable not be needed but I put them there just in case and to serve as a reminder.



Grant. . . .

bright true wrote:
> Hello , 
> 
> i want to know the right way of blocking an ip and drop the current Established 
> 
> connections from that ip 
> 
> Thanks

Re: Drop the Current Established Connections

[R. DuFresne]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 31 May 2005, bright true wrote:

> Hello ,
>
> i want to know the right way of blocking an ip and drop the current Established
>
> connections from that ip
>

The best way is to not allow the connections to become Established, deny 
the syn.

Thanks,

Ron DuFresne
- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCpK+6st+vzJSwZikRAgBHAKCMn+XtEd3Z/K0Hn6gnlG7QQcHTUACeNXvC
qjfMFtBDD5TevOzrcvt+qAE=
=Kjsm
-----END PGP SIGNATURE-----