2010-10-06 12:23:08 -06:00
|
|
|
# List of IPs to block outright
|
|
|
|
# Two formats:
|
|
|
|
# 1) One IP or range per line
|
|
|
|
# 2) One ip or range per line with added specific IN/OUT/FWD and TCP/UDP port (added in 0.9.8)
|
2010-10-06 14:05:09 -06:00
|
|
|
# <SRC IF>|<SRC IP>|<SRC PORT RNG>|<DST IF>|<DST IP>|<DST PORT RNG>|<IN/OUT/FWD>|<PROTO>
|
2010-10-06 12:23:08 -06:00
|
|
|
# One can leave out <SRC IF> <SRC IP> <SRC PORT RNG> <DST IF> <DST IP> <DST PORT RNG>
|
|
|
|
# if you want to apply to all ports/interfaces/etc
|
|
|
|
# Example:
|
|
|
|
# - Block SRC of eth1 192.168.0.5:80 from contacting DST eth0 192.168.1.10:20 through 21, TCP
|
2010-10-06 14:05:09 -06:00
|
|
|
# eth1|192.168.0.5|80|eth0|192.168.1.10|20-21|IN|TCP
|
|
|
|
# Useful ones that I use at home are|
|
|
|
|
#||6881-6999|||OUT|TCP
|