[ previous ] [ next ] [ threads ]
 From:  "Fred Weston" <fred at daytonawan dot com>
 To:  "'Bart Smit'" <bit at pipe dot nl>, "'Boris Rudoy'" <boris at rudoy dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Bloking some internet ip addreses
 Date:  Fri, 19 Dec 2003 09:00:23 -0500
The easiest way to do it without using any firewall rules is to create a
bogus static route to that host, but since you have a firewall rule
table to use, just create a rule denying everything from source * to
dest <ip addr>.

> -----Original Message-----
> From: www-data [mailto:www dash data at levante dot wiggy dot net] On Behalf 
> Of Bart Smit
> Sent: Friday, December 19, 2003 7:01 AM
> To: Boris Rudoy
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Bloking some internet ip addreses
> Boris Rudoy said:
> > Can I prevent my computers behaind m0m0wall from connect to 
> few inet 
> > IP addreses?
> Of course you can. That is the whole point of a firewall, 
> isn't it? Did you even install it and take a look at it 
> before asking such a question? If not, shame on you! ;-)
> --B
> (btw doing this by host file does not make IP addresses 
> unreachable; it merely messes with name resolution)
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch