# # Shorewall version 3.0 - Blacklist File # # /etc/shorewall/blacklist # # This file contains a list of IP addresses, MAC addresses and/or # subnetworks. # # Columns are: # # ADDRESS/SUBNET - Host address, subnetwork, MAC address, IP address # range (if your kernel and iptables contain iprange # match support) or ipset name prefaced by "+" (if # your kernel supports ipset match). # # MAC addresses must be prefixed with "~" and use "-" # as a separator. # # Example: ~00-A0-C9-15-39-78 # # A dash ("-") in this column means that any source # address will match. This is useful if you want to # blacklist a particular application. # # PROTOCOL - Optional. If specified, must be a protocol number # or a protocol name from /etc/protocols. # # PORTS - Optional. May only be specified if the protocol # is TCP (6) or UDP (17). A comma-separated list # of destination port numbers or service names from # /etc/services. # # When a packet arrives on an interface that has the 'blacklist' option # specified in /etc/shorewall/interfaces, its source IP address is # checked against this file and disposed of according to the # BLACKLIST_DISPOSITION and BLACKLIST_LOGLEVEL variables in # /etc/shorewall/shorewall.conf # # If PROTOCOL or PROTOCOL and PORTS are supplied, only packets matching # the protocol (and one of the ports if PORTS supplied) are blocked. # # Example: # # To block DNS queries from address 192.0.2.126: # # ADDRESS/SUBNET PROTOCOL PORT # 192.0.2.126 udp 53 # # Example: # # To block DNS queries from addresses in the ipset 'dnsblack': # # ADDRESS/SUBNET PROTOCOL PORT # +dnsblack udp 53 # # Please see http://shorewall.net/blacklisting_support.htm for additional # information. # ############################################################################### #ADDRESS/SUBNET PROTOCOL PORT #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE