2002-05-01 01:13:15 +02:00
|
|
|
#
|
2002-05-18 15:45:23 +02:00
|
|
|
# Shorewall 1.3 -- Blacklist File
|
2002-05-01 01:13:15 +02:00
|
|
|
#
|
|
|
|
|
# /etc/shorewall/blacklist
|
|
|
|
|
#
|
|
|
|
|
# This file contains a list of IP addresses, MAC addresses and/or subnetworks.
|
|
|
|
|
# When a packet arrives on in interface that has the 'blacklist' option
|
|
|
|
|
# specified, its source IP address is checked against this file and disposed of
|
|
|
|
|
# according to the BLACKLIST_DISPOSITION and BLACKLIST_LOGLEVEL variables in
|
|
|
|
|
# /etc/shorewall/shorewall.conf
|
|
|
|
|
#
|
|
|
|
|
# MAC addresses must be prefixed with "~" and use "-" as a separator.
|
|
|
|
|
#
|
|
|
|
|
# Example: ~00-A0-C9-15-39-78
|
2002-09-15 00:00:52 +02:00
|
|
|
#
|
|
|
|
|
# Each ADDRESS/SUBNET may be optionally followed by a protocol name or number
|
|
|
|
|
# and an optional port number. If these are supplied, only packets matching
|
|
|
|
|
# the protocol and the port (if supplied) are blocked.
|
|
|
|
|
#
|
|
|
|
|
# Example:
|
|
|
|
|
#
|
|
|
|
|
# To block DNS queries from address 192.0.2.126:
|
|
|
|
|
#
|
|
|
|
|
# ADDRESS/SUBNET PROTOCOL PORT
|
|
|
|
|
# 192.0.2.126 udp 53
|
2002-05-01 01:13:15 +02:00
|
|
|
###############################################################################
|
2002-09-15 00:00:52 +02:00
|
|
|
#ADDRESS/SUBNET PROTOCOL PORT
|
2002-05-01 01:13:15 +02:00
|
|
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
|
|
|
|
|
|
|
|
|
|
