Blacklisting Support

Shorewall supports two different forms of blacklisting; static and dynamic.

Static Blacklisting

Shorewall static blacklisting support has the following configuration parameters:

Dynamic Blacklisting

Dynamic blacklisting support was added in version 1.3.2. Dynamic blacklisting doesn't use any configuration parameters but is rather controlled using /sbin/shorewall commands:

Example 1:

     shorewall deny 192.0.2.124 192.0.2.125

    Drops packets from hosts 192.0.2.124 and 192.0.2.125

Example 2:

     shorewall allow 192.0.2.125

    Reenables access from 192.0.2.125.

Last updated 9/16/2002 - Tom Eastep

Copyright © 2002 Thomas M. Eastep.