2010-10-06 12:23:08 -06:00
|
|
|
# List of IPs to block outright
|
|
|
|
# Two formats:
|
|
|
|
# 1) One IP or range per line
|
|
|
|
# 2) One ip or range per line with added specific IN/OUT/FWD and TCP/UDP port (added in 0.9.8)
|
|
|
|
# <SRC IF>:<SRC IP>:<SRC PORT RNG>:<DST IF>:<DST IP>:<DST PORT RNG>:<IN/OUT/FWD>:<PROTO>
|
|
|
|
# One can leave out <SRC IF> <SRC IP> <SRC PORT RNG> <DST IF> <DST IP> <DST PORT RNG>
|
|
|
|
# if you want to apply to all ports/interfaces/etc
|
|
|
|
# Example:
|
|
|
|
# - Block SRC of eth1 192.168.0.5:80 from contacting DST eth0 192.168.1.10:20 through 21, TCP
|
|
|
|
# eth1:192.168.0.5:80:eth0:192.168.1.10:20-21:IN:TCP
|
2010-10-06 12:54:05 -06:00
|
|
|
# Useful ones that I use at home are:
|
|
|
|
#::6881-6999:::OUT:TCP
|