[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSEfirewall2 drop/reject on ip address

Could someone tell me how to configure SuSEfirewall2 to drop packets based
source address(s)/range?  Any help would be appreciated.

Take a look at the configuration file "/etc/sysconfig/SuSEfirewall2"

## Type:        string
# 25.)
# Do you want to load customary rules from a file?
# This is really an expert option. NO HELP WILL BE GIVEN FOR THIS!
# READ THE EXAMPLE CUSTOMARY FILE AT /etc/sysconfig/scripts/SuSEfirewall2-custom

in "/etc/sysconfig/scripts/SuSEfirewall2-custom" are examples which
may help you to meet your needs. Good place to block an address range
seems to be "fw_custom_after_antispoofing()".

hope that helps

the polarizer

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here